BENCHMARKS 


The Newsletter of the University of 
North Texas Computing Center 


VOLUME 11 NUMBER 4 
June 1990 


Security, Social Responsibility and 
the Appearance of this Newsletter 

By Claudia Lynch, Benchmarks Editor (bitnet aso^untvmi) 

T he focus of this issue of Benchmarks is security and social responsibility. 

Computers have become increasingly important in oureveryday lives,both 
in and out of the workplace. It is essential that people be cognizant of the 
inportance of securing their computer systems, both hardware and software. 
Many of the articles in this issue speak to those needs. 

Of perhaps even greater importance is the necessity to be a responsible com¬ 
puter user. This means resisting the temptation to write “cute” programs that 
will disrupt others’ computer systems, not sending “junk" and/or potentially 
threatening messages over computer networks, not using computer networks 
for criminal activities, etc. Three articles this month give graphic illustrations 
of irresponsible computing. They are “Detective Story Traces Hacker to Scene 
of Crime,” “WAN Security & Viruses," and “The Secret Service, UUCP, and 
The Legion of Doom." The 1990’s have been heralded as the decade of connec¬ 
tivity. If this is to be true, then a heightened sense of social responsibility must 
prevaiUf this does not occur, the connections that have been established will 
be severed, and computer systems will return, for the most part, to the isolated 
entities that they were in the past 

On a brighter note (1 hope), Benchmarks is undergoing a transformation. Due 
to the costs and poor print quality associated with having a pre-printed color 
page, we have decided to fall back to the more traditional black and white model 
you have before you now. While I was changing the cover page, I decided to 
change a few other things also. I will probably change a few more things before 
the summer is over, resulting in what I hope will be a more appealing and legible 
newsletter. If you have any comments or suggestions regarding our new look I 
would be glad to hear them. My various addresses are printed throughout the 
newsletter. Drop me a line. Your suggestion could make the difference in the 
appearance of Benchmarks for a long time to come.5 


Focus of this Issue: 

Computer Security and 
Social Responsibility 


TABLE OF CONTENTS 

GENERAL 1NFORMATION 


Academic Mainframe Operating 
System Upgrade Report 

- 3 

Saving Files on Academic Disks- 
Staff Activities 

4 

c 

How Secure is Your User-id?_ 

5 

Detective Story Traces Hacker to 
Crime... 7 

WAN Security A Vlnise*. . 

. 7 

The Secret Service, UUCP, and 

JO 

More Internet Databases 

J6 

The BITNFT Connection . 

J5 

IJST of the Month 

J7 

Benchmarks Forum . 

J* 

Faculty. Staff Seminars 

J9 

1990 Summer Short Courses-19 

MICROCOMPUTERS 


Maczilla -vs- the Slime Monsters22 1 

Macintosh /.DC Virus 

.22 

WordPerfect Users Group Mect- 

33 

M1CRO-TIPS . 

it 

Safe Computing Thwarts Viruses27 

Nasty Mac Trojan Discovered in 
Canada ■■ 

_2S 

Protecting Your Computer 
Hardware & Peripherals 

.29 

VAX COMPUTER CLUSTER 

VAY Upgrade.. 

-30 

Best of the BBS 

32 

VAXduster Usage Statistics_32 

COMPUTING TECHNICAL 
SERVICES 


-33 

Performance Statistic.. 

-34 


-35 

Disk Rackuo Schedule. 


11 ^ 1 




SERVICES AVAILABLE TO USERS OF THE 
UNT COMPUTING FACILITIES 


DIALING-UP UNT COMPUTERS OVER 
THE TELEPHONE 


The UNT Computing Center ie located in the Information 
Sciences Building(ISB), Room 119. Phone Numbers: 
Computing Center: (817)565-2324 

HelpDesk: (817)565-4050 

Micro Support: (817)565-2316.565-2319 

Graphics Leb: (817)565-3479 

ISB I/O Area: (817)565-3890 

BA I/O Atm: (817)565-2350 

All personnel listed below can be contacted either by calling 
the Computing Center or by sending them electronic mail on 
MUSIC/SP (ED-codes follow each name. All IDs are on 
BITNETnode UNTMUSIC). 

Benchmark s -Claudia Lynch casoo 

Information & ED-Codes; Disk Space Problems - 
Theresa Russell 

Statistical/Research Support - George Morrow casou, 
PanuSittiwong (ACosi.PhanitLaoairirat cac«) 

Academic AD ABAS/COM-PLETE - Cathy Hardy (ACM) 

CRSP & COMPUSTAT Problems - Panu Sittiwong cacosi, 
PhanitLaosirirat (AC4o 

Student Programming Problems - CSCI Dept., GAB 
Room 560; BCIS Dept., BARoom 162 

Problems with JCL, Passwords, or Operating Sys¬ 
tems; or Communication/Iferinlnal Problems - Help 
Desk 

Data Entry; Test Scoring A Analysis - Betty Grise 
Administrative Applications • Coy Hoggard 
Printout Retrieval-ISB or BA I/O Operators 


Phone numbersforthe Local AreaNetwork(LAN)are: 


300-2400 BAUD: (817)565-3300 

300/1200BAUD (817)565-3499 

300-9600 BAUD: (817)565-3461 

300-9600BAUD: D/FWMETR0429-6006.429-9314 

Air«codc2Mmu»tdt«]8l7brfort the METRO «. 

The numbers that accomodate multiple baud rates have an 
autobaud feature that requires you to hit the <RETURN> key 
repeatedly so that the receiving modem can determine the 
appropriate baud rate. When you have established a com¬ 
munications link, the • prompt will appear on your screen and 
you can enter one of following CALL commands to connect 
with thecomputerofyour choice. 

CALL 8040 connects with the HDS/8083 (supports line editing or 
PCWSJ.Operating environments available are: 
MUSIC/SP. VM/CMS. 

CALL 3270 connects with the HDS/8083 through a 3270 

protocol converter (supports full-screen editing). 
Operating environments are: MUSIC/SP. VM/CMS. 
ADABAS/COM-PLETE 

CALL DEC connects with the VAXcluster (VMS. Eunice) 

CALL 780 connects with the Research VAX (Unix) 

CALL 3000 connects with the Libraries' HP-3000 (Bibliographic 
database). 

CALL 6800 connects with the NBI (Unix) 

Communications Settings 

IAN addrcaaca DalaBlla Parity StopBlta 

DEC. 3000 8 N 1 

8040.3270.780.6800 7 E 1 


StopBlta 

1 

l 


CALL DEC 
CALL 780 


HOURS FOR UNIVERSITY OF NORTH TEXAS COMPUTER ACCESS AREAS : Summer 1990* 



Location 


Computing Center RJE 


IS8110 Terminal Area 


College of Business 


Graphics Lab 


Willis Library 


Sunday 

Monday 

Tbesdsy-Saturday 


Sunday 

Monday-Thursday 

Friday 

Saturday 


Sunday 

Monday-Thursday 
Friday, Saturday 


Sunday 

Monday-Thursday 

Friday 

Saturday 


Sunday 

Monday-Thursday 

Friday 

Saturday 


Sunday 

Monday-Thursday 

Friday 

Saturday 


Times 



lp.m.-10 pjn. 
8:00 ajn.-10 p.m. 
8:00 ajn.-6 p.m. 

9 a.m.-6 pjn. 


Noon-11:45 p.m. 
6:15 a.m.-] 1:45 p.m. 
8:15 ajn.-7:45 pjn. 


4-11 pm. 
9-11 pjn. 

9 a.m.-3 p.m. 
CLOSED 


Noon-10 pjn. 
7 a jn.-10 pjn. 
9ajn.-6pjn. 
Noon-6 pjn. 


lp.m.-10 pjn. 
730 ajn.-10 pjn. 
730ajn.-9 p.m. 
9ajn.-9pjn. 


•Houn may vmry o«ck MUSIC/VAX Newsand/<i posted schedules for exceptions- 


This issue of Benchmarks was produced by the Documentation Sources sccion ot Academic Computing using Xcroi Ventura 
Publisher on an AT clone andpnnted on an Apple LascrVJriler II and an HP LaserJet Series II Unless otherwise noted, articles or | 
information may be reproduced lor nonprofit purposes provided the publication and issue are fully acknowledged. 






























GENERAL INFORMATION 


Academic Mainframe Operating 
System Upgrade Report 


By Dr. Philip Baczewski, Academic Mainframe User Services Manager 
(BrrNET.XClMJUNTVWl) 


Q“ 

jokeTbi 


uestiorv How many systems programmers does it take to change a light bulb? 
Answer: None; that's a hardware problem. That might be a pretty good 
ut it’s doesn’t quite reflect the realities of maintaining a large computing 
system. Hardware and software are inter-dependant, and both areas must be 
taken into account when any major operating system change is made to the 
mainframe. This is especially the case in upgrading from VM/SP to VM/XA. 
During the three-week semester break following the spring semester, the UNT 
Computing Center was involved in installing VM/XA on the academic 
mainframe computer, a project which was discussed in the April/May issue of 
Benchmarks} 


As stated in that article, this time period was chosen to try to avoid a disruption 
of mainframe computing services during the summer terms. It was felt that the 
semester break offered the best chance of inconveniencing the fewest number 
of users during a process which would require three or more days of system 
down time and periods of system instability immediately after the installation 
was accomplished. As was stated in the previous article, immediately after the 
upgrade the mainframe would still be in a “use at your own risk" status. The 
installation process turned out to be every bit as difficult as anticipated, and 
more. 


Why so Much Down Time? 

In order to run VM/XA on the HDS 8083, the dual cpu system had to be 
reconfigured to support the newer software technology, new micro-code (the 
“lowest-level” software on the system) had to be loaded to support the new 
operating system. Because VM/XA utilizes a different mainframe architecture 
than VM/SP, the new VM system had to be “built” from a very basic level, and 
that process could only be started after the necessary changes were made to the 
hardware. 

The question can be asked, “why couldn’t the basic VM/XA system be built 
before the upgrade process began?” When UNT upgraded from VM/SP version 
3 to version 5, the initial installation could be done under the control of VM/SP 
version 3. This approach is not possible with our present upgrade to VM/XA 
because the computer architecture required for VM/XA is different from that 
required for VM/SP. 2 It is not possible, therefore, for VM/XA to “run under” 
VM/SP (however, it is possible for VM/SP to run under VM/XA, since VM/XA 
can simulate the architecture require by VM/SP). 

* See “VM Upgrade Planned,” on page 11 in the April/May, 1990 issue of Benchmarks. 


Another approach might be to build 
the initial VM/XA system on a physi- 
cally-separate computer system 
similar in configuration to the HDS 
8083. In reality, however, the UNT 
Computing Center does not current¬ 
ly have the budgetary resources to 
acquire an additional mainframe 
computer for this purpose. There¬ 
fore, the only course of action avail¬ 
able in this case for performing the 
upgrade to VM/XA (and likewise, 
the only way to utilize the full perfor¬ 
mance capabilities of the HDS 8083) 
was to shut the machine off from the 
academic users to perform the 
upgradeon the academic mainframe. 
Under the best of circumstances, 
reconfiguring the mainframe and 
building and installing the new 
operating system would take at least 
two to three days. As academic 
mainframe users are painfully aware, 
UNTs initial upgrade process re¬ 
quired almost seven days of system 
down time. 

What Happened during the 
Upgrade Process? 

The upgrade began on Wednesday, 
May 16, with Hitachi Data Systems 
staff reconfiguring the HDS 8083 to 
support the VM/XA architecture. 
By Wednesday afternoon, the first 
steps were being taken to load a 
“starter system" onto mainframe 
disk drives. Problems were en¬ 
countered with this process, how¬ 
ever, and it was finally determined 
that the program supplied to us by 
IBM for this purpose was the wrong 
version (IBM’s mistake). IBM 
agreed to send the correct version by 
the next day. 


2 Computer Architecture can be defined as “its attributes as seen by the programmer, that is, the conceptual structure and functional 
behavior as distinct from the organization of the data flow, and logical design, and the performance of any particular implementation. 
Several dissimilar machine implementations may conform to a single architecture. When programs running on different machine 
implementations produce the results that arc defined by a single architecture, the implementations are considered to be compatible.” For 
more information on IBM mainframe architecture, see IBM Mainframes, Architecture and Design by N.S. Prasad. 


Benchmarks 


June 1990 


Page 3 





GENERAL INFORMATION 


Saving Files on Academic OS Disks 

By George Morrow, Academic Computing Consultant 

T his is a reminder of the policies concerning the storage of files on the 
academic OS disks: ACADOO, ACAD01, ACAD02, and ACAD03. 
The designated use of these disks is as follows: 

ACADOO faculty research 

ACAD01 College of Business instruction 

ACAD02 all other instruction 

ACAD03 faculty research 

When storing a file on one of these disks you must use the following 
University of North Tfexas naming convention.The convention is of the 
form: USER.IDxx.name 

where: USER must appear 

. must appear 

IDxx is your user ID 

. must appear 

name one or more optional fields (each of which may not 

exceed 8 characters), separated by periods. 

The total length of the data set name may not exceed 44 characters, including the 
first three mandatory fields and any periods. Usually the larger the blocksize, the 
more efficient use of disk space. Please do not write data to disks with a blocksize 
of 80 or less, 4800 is an efficient blocksize to use with logical record sof length 80. 

At the end of each semester any files on the academic disks that have not 
been referenced (read) in the past six months are archived to tape.g 


On Thursday, May 17, the starter sys¬ 
tem w££ loaded on to disk. Attempts 
to IPL 3 the VM/XA system in multi¬ 
processor mode (i.e. to use both 
CPUs on the HDS 8083) were unsuc¬ 
cessful. It was determined that HDS 
staff would need to make further 
changes to the micro-code. The new 
micro-code was loaded on Friday, 
May 18, and by Friday afternoon, we 
were ready to proceed with installing 
the VM/XA system. By this time, 
almost three complete days had been 
occupied with resolving hardware 
and software incompatibilities. 

VM/XA was up and running by Sun¬ 
day, May 20, however, it took a bit 
more time to bring up the produc¬ 
tion VM/SP system under the con¬ 
trol of VM/XA It took Monday and 
part of TUesday to resolve problems 
encountered when trying to bring up 
MUSIC and MVS. MUSIC came up 
at about 1-30 p.m. on TUesday (May 
22) and MVS was started at about 
530 p.m. 

Why Wasn’t There an 
Immediate Improvement in 
Mainframe Performance? 

The HDS 8083 can now run VM/XA 
version 2.1 as its primaiy operating 
system utilizing all 32M of the 
machine’s memory as well as both 
processors. Please note, however, 
that VM/XA upgrade process is not 
scheduled to be completed until 
August (see the previous article in 
the April/May issue). Because this 
intermediate step requires VM/SP to 
be running under the control of 
VM/XA, there will be no noticeable 
performance gains before the final 
phase of the upgrade, when VM/SP 
can be removed and full utilization 
can be made of VM/XA 

Because the first stage of the upgrade 
was incomplete, immediately after 
VM/XA was installed we actually 

3 IPL stands for Initial Program Load. An 
IPL is the process used to start a 
mainframe operating system running. 


experienced a level of VM/SP system 
performance lower than before the 
upgrade began. The academic 
mainframe system was shut down at 
8:00 a.m. on Saturday, June 2, and 
was not restarted until 8:00 a.m. on 
Monday morning, June 4. This down 
time was necessary to try to improve 
system performance of VM/SP and 
was a necessary part of the VM/XA 
upgrade process. Once the entire 
process is completed in August, the 
full benefits of the VM/XA upgrade 
can be realized. 

Why Change? 

Perhaps you’ve heard this one: 

Question: How many psychologists 
does it take to change a light bulb? 
Answer: One, but the light bulb has to 
want to change. Change has become 
inevitable in our increasingly com¬ 
plex technological society. Installa¬ 
tion of VM/XA on the academic 


mainframe is being done to better 
support the changing needs of in¬ 
structors and researchers using that 
system. These changes are both in 
reaction to present problems and in 
anticipation of future needs. 

Much work has gone into the instal¬ 
lation of VM/XA, yet much work 
remains to make it the “production” 
environment of the academic 
mainframe. With VM/XA comes a 
new CMS system as part of it, on 
which many programs are yet to be 
installed. This work will proceed 
through the summer and by the fall, 
it will be possible to eliminate the 
VM/SP “middleman." The Comput¬ 
ing Center realizes that any time the 
academic mainframe is down it is 
probably an inconvenience to some¬ 
one. We are working to keep the in¬ 
convenience to a minimum and we 
appreciate the patience of our 
academic mainframe users.g 


Page 4 


June 1990 


Benchmarks 






Computing Center Staff Activities 


T he Computing Center staff has been busy doing many things in addition 
to their normal job duties. Following is a list of staff members and their 


various accomplishments. 


How Secure 
is Your 
User-id? 


• Dave Molta, Director of Academic Computing, gave a paper at the 1990 
Netware Users Conference in Dallas on May 15. The titleof his presentation 
was “Common LAN Problems.” Dave also has had the pleasure of seeing his 
book, Novell Netware: Advanced Techniques and Applications, published. 
Co-authored with Dr. Paul Schlieve of Computer Education and Cognitive 
Systems, the book is available in paperback from Wordware Publishing., Inc 

• Chandra ban (C.R.) Chevli, Data Communications Analyst, presented a 
paper at the International Conference on Computing and Information 
(ICCm) at Niagara Falls, Ontario, Canada (May 23-26). The paper, co- 
authored with Hee Yong Youn of the Computer Science Department is 
entitled “An Efficient VLSI Network Bridge Architecture for Local Area 
Networks.” The article was published in Advances in Computing and Infor¬ 
mation, the Proceedings of ICCI’SX), and will be included in a forthcoming 
book called Lecture Notes, from Springer Publishing Company. 

• Scott Norton, Linda Wallace, Sue Harrison, Margaret Ambuehl, Dierdre 
Hayes, Jenny Haynes, Mashld Grooms, Rocky Bass, Eric Duchemin and 
John Dysart continue in their pursuit of physical fitness. Norton, Wallace, 
Harrison, AmbuehL Hayes and Haynes all received t-shirts for their atten¬ 
dance of 40 fitness classes during the Spring 1990 semester. Linda Wallace 
logged 272.0 miles while walking/jogging indoors. She also won first place 
in her age group in the Broncos Against Drugs 5K on February 17. Other 
indoor walker/joggcrs (Pace-Makers) and their distances include: Scott 
Norton — 219.0 miles; Margaret Ambuehl —123.0 miles; Dcidree Hayes — 
97.0 miles; Jenny Haynes—87.0 miles; Mashid Grooms—84.0 miles; Rocky 
Bass — 83.5 miles; Sue Harrison—71.0 miles; Eric Duchemin —18.5 miles; 
and John Dysart —11.0 miles. 

• Philip Baczewsld may have the distinction as the first Benchmarks author to 
have an article translated into a foreign language. His “BITNET Connec¬ 
tion” article “Is Anyone Out There ??” ( Benchmarks , October 1989) was 
translated by Pablo Liendo for use in Caracas, Venezuela. The Spanish title 
is “£Hay Alguien Alii?” If, by chance, you would like to see this in Spanish, 
we have a copy. 

On the job front, the following activities have occurred: 

• James Shoffit, longtime VAX Lead Operator, BBS author, and general 
wizard, made us realize just how good he was when he left to take “a real 
job” (he was part-time) at Atlas Powder Co. in Dallas. 

• Abraham John decided that he preferred microcomputers to mainframes 
and returned to his job in the Dean of Students office. Cathy Hardy has 
joined the Academic Computing staff as Abraham’s replacement Cathy was 
employeed with the Database Central Programming Support Thant (CPST) 
in Administrative Computing and knows she likes mainframe computing.} 


By Dr. Philip Baczewsld, Academic 
Mainframe User Services Manager 

(BfTNEIt AC12&UKTYM1) 

T he people that write computer 
operating systems have long 
realized that data security is a 
desirable and necessary part of any 
multi-user computing system. 
That’s why most systems won’t allow 
you access unless you give some type 
of password known to both you and 
the computer operating system. 
Operating systems employ varied 
schemes for keeping these 
passwords a secret, in some cases, 
only storing an encrypted version of 
the password on line. A great deal of 
responsibility for user-id security is 
also placed upon the shoulders of 
you, the computer user. 

Selecting your Password 

How you select your password and 
how you protect it will, to a large 
degree, determine how secure your 
user-id is. The ideal password is one 
which is meaningful enough to you 
that you can recall it from memory, 
yet not something so related to you 
that someone could guess it Possib¬ 
ly the worst password you could pick 
is your first or last name. (Actually, 
the vety worst password would be 
the user-id itself!) Anyone who hap¬ 
pened upon a listing of your name 
and user-id would not have a dif¬ 
ficult task if their intent were to 
“break into” your user-id. Likewise, 
the names of spouses, children, or 
pets are not necessarily the best 
choices either. Perhaps a random set 
of letters and numbers is the best 
password, however, this is definitely 
not the case if you have to have your 


Benchmarks 


June 1990 


Page 5 





GENERAL INFORMATION 


Do not give out your user-id and password over the 
phone or via an on-line interactive or mail message. 


password written down next to your 
terminal in order to remember iL 
How, then, do you select a secure 
password? A password should 
probably consist of a combination of 
more than four letters and numbers, 
and, if the system allows it, special 
characters such as punctuation 
marks (inclusion of numbers or spe¬ 
cial characters decreases the 
likelihood that your password could 
be guessed by someone running a 
“dictionary program”). Another 
password possibility is to think of a 
phrase which is well-known to you 
and combine the first letter from 
each word to form the password. 
This usually results in a combination 
of letters which is hard for someone 
else to guess, yet easy for you to 
remember. 

Keeping your Password Secure 

Once you select and use a secure 
password, your user-id will be totally 
secure only as long as that password 
is known only to you and the com¬ 
puting system. If you write down 
your password in a place where 
others might see it, you are jeopard¬ 
izing the integrity of whatever infor¬ 
mation you have stored on your 
computer user-id. Sometimes it is 
necessary for two or more people to 
gain access to one user-id. In this 
case, each person knowing the 
password should be as careful to 
protect it as if it were their own per¬ 
sonal user-id involved. 

1 One method computer backers use to 
break into systems is to write a program 
which will read words from a dictionary 
and then try them as passwords for known 
computer userids.[Keep reading this 
issue for more information on this — ed.] 


In keeping your password secure, 
you should also follow these addi¬ 
tional guidelines: 

• Do not give out your user-id and 
password over the phone or via 
an on-line interactive or mail 
message. 

No matter why callers say they 
need It, do not reveal your 
password or anyone else’s 
password. Do not be intimidated 
into telling them regardless of the 
reasons they give. Generally, the 
administrator of any system you 
use has sufficient privileges to 
resolve any problem with your 
user-id. 

• Be suspicious If callers or other 
on-line users Identity themselves 
as Computing Center personnel 
and demand your password over 
the phone or on-line. 


No Computing Center personnel 
will ever demand your password. 
Any problem that needs to be 
resolved by Computing Center 
personnel can be referred to the 
appropriate system administrator 
and should not require that you 
divulge your password. 

• Report any attempts to obtain 
passwords to the appropriate sys¬ 
tem administrator. 


Reporting such an attempt to the 
system administrator will allow 
him or her to be on guard for 
someone attempting to com¬ 
promise system security. 

Changing Your Password 

Any time you think your password 
may have become known to someone 
else, you should immediately change 
it Sometimes it is best to change it 
on a regular basis to guard against 
accidental discovery. When chang¬ 
ing your password, be sure to 
memorize it. Computing Center 
personnel can change your password 
to an agreed value if you have forgot¬ 
ten it, however, this is an incon¬ 
venience to both you and the Com¬ 
puting Center. Also, just as you 
should never give out your password 
over the phone, Computing Center 
personnel will not give you your 
password over the phone. In order 
to protect the security of your on-line 
information, we will only give you 
your password if you come to our 
offices and show some type of photo 
identification card. 


There is some difference of opinion 
among system administrators as to if 
passwords should ever expire or not 
Some make the argument that expir¬ 
ing passwords on a regular basis en¬ 
courages people to write them down, 
thus lessening system security. Some 
think, however, that if the expiration 
period is of a reasonable length, 
automatic expiration can guard 
against accidental discovery of 
passwords. On UNTs MUSIC sys¬ 
tem and on the VAX Ouster, log-on 


Be suspicious if callers or other on-line users identify 
themselves as Computing Center personnel and demand 
your password over the phone or on-line. 


Page 6 


June 1990 


Benchmarks 





GENERAL INFORMATION 



passwords do not expire. On CMS, 
passwords expire after 180 days and 
MVS/SP passwords expire in 
anywhere from 30 to 180 days (as set 
by the user). 

The Bottom Line on Password 
Security 

In the final analysis, the security of 
your user-id is ultimately deter¬ 
mined by you, the computer user. 
Software systems and system ad¬ 
ministrators go to great lengths to 
prevent unauthorized access to user- 
ids. If your name is Fred Smith, your 
user-id is “SMITH,” and your 
password is “FRED”, you’ve just 
short-circuited all of that protection 
in one simple move.fi 


Detective Story 
Traces Hacker to 
Scene of Crime 

By Christine de Aragon (cdearaoo* 
orion.cair.du.edu) Buffer Editor 
University of Denver. 

This article originally appeared in the 
University of Denver Computing Cen¬ 
ter Newsletter, Buffer (Volume 25, 
Number 1 January 1990 ). It was 
received from the Articles database of 
CCNEWS, the Electronic Forum for 
Campus Comuting Newsletter 
Editors, a BITNET-based service of 
EDUCOM. The Cuckoo’s Egg; 
Tracking a Spy Through the Maze of 
Computer Espionage; was written by 
Clifford Stoll and published by 
Doubleday Books. It is available in 
most major bookstores. 

T he recently published book, 
The Cuckoo’s Egg, has all the 
elements of a classic spy novel but 
the detective is a hippie astronomer 
who follows a trail of clues through a 
computer network. 


Continued on page 8. 


Changing Your Password on Different Systems 

ISe in e Sn t ^: Change ^ PaSSW ° rd ’ the f0,Iow1ng information 

2XSIEftl-PASSWORD CH ANGE MPTHnn 

VAY/UUC T T_,L. r. . n . . _ 


VAX/VMS 

MUSIQSP 

VM/CMS 

MVS/SP 

Unix systems 


Novell file 
servers 


Use the Set Password command. The Vax will promDt you for the 
information Deeded to change the password. ^ F ^ tfle 

Use the PROFILE NEWPW«xnmand. MUSIC will promDt vou 
for the information needed to change the password. ** ^ yOU 

D ™ M ™ command. The Directory Maintenance 
P^JjWUl prompt you for the information needed to change the 

S^p'SSI5IS ty „ progra 2J 00 MUSICor . use the 
MV^JOB cfS 0RD “ (old -P assword ’ n ^-Password) on your 

On the Unix systems (RVAX or NBI) use the passwd command 
U^passworA pr0mpt ^ for lhc in ‘ orma >ion needed to change 

To change your Novell fil e ser ver password, use the SETPASS 
command or optionally SETTPASSserver name. The file server 
will prompt vou for the information needed to change the 

“I* SETPASS, you will be able to change 
the password on the server to which you are logged onto and 8 

SJK ^ a !Sffi hron “ your password 00 al1 *"*«* [ ° 


WAN Security & Viruses 

By Billy Barron, VAX System Manager (BrrNEr3iu.Y@uNrvAX) 


1 J ue to the exponential growth of Wide Area Networks, viruses and security 
problems on WANs has become a major issue, lb start our investigation 
of these issues, let s first look at the history of WAN security and viruses! 


History 


The Christmas Virus 


Around Christmas time in 1987, the first major WAN virus appeared and was 

‘,!T,^ ,ate ! y dubbed lhe vins - The Christmas Virus was a REXX 

(CMS) script that drew a Christmas tree on the user’s screen. Meanwhile it 
would look in the user’s NAMES file and find the addresses of other network 
users. Once these addresses were found, the virus would send copies of itself to 
those users. Fortunately, the only purpose of the virus was to propagate itself 
Because of all the copies of the Christmas virus, it greatly slowed down BITNET 
and bought VNET IBM’s internal network, to its knees. 


Continued on page 8. 


Benchmarks 


June 1990 


Page 7 





GENERAL INFORMATION 


Detective Story continued from page 7. 

The Cuckoo’s Egg, written by Clif¬ 
ford Stoll, is a true, detailed account 
of Stoll’s involvement with interna¬ 
tional computer espionage told with 
wit and humor. 

Although the images of a textbook 
spy, dressed in a trench coat and 
without a sense of humor, enters our 
minds and Stoll’s alike, the methodi¬ 
cal hacker remained faceless and was 
only identified by his passwords 
throughout the majority of the book. 

This is not the typical cloak and dag¬ 
ger book with secret decoder rings 
and murder. Instead Stoll writes 
about networks, military computers, 
Ttojan horses, Unix and VMS. 

Computer security is a serious mat¬ 
ter. Even though Stoll provides a 
technical analysis, he often ap¬ 
proaches the topic lightheartedly 
and even humorously. 

For example, he describes the 
password encryption software as “a 
one-way trapdoor, its mathematical 
scrambling is precise, repeatable and 
irreversible." But then he compares 
it to a sausage machine; “if you turn 
the crank backwards, pigs won’t 
come out of the other end.” 

The narrative provides a history les¬ 
son in Unix and VMS with other 
technical information to be ap¬ 
preciated by computer wizards. Yet 
the story is well written and can be 
easily followed by computer novices. 

Stoll was an astrophysicist turned 
systems manager at Lawrence 
Berkeley Lab in California when a 
75-cent accounting error alerted him 
to a hacker with super-user 
privileges. 

The intruder moved through a maze 
of American military and research 
computers unseen by most, but 
tracked by StolL A year of stalking 
lead Stoll to West Germany where he 
set up a sting operation and un¬ 
covered a spy ring. 


Stoll viewed the 75-cent shortfall as 
a natural test for a budding software 
wizard. He discovered the hacker 
had exploited bugs in the Unix and 
VMS systems to cruise though the 
networks free of charge and un¬ 
noticed. 

On the Unix computer, the hacker 
found a bug in the Gnu-Emacs 
editor. He used Gnu to swap his spe¬ 
cial atrun file for the system’s 
legitimate version. Within five 
minutes the bogus file would be 
operational, giving the hacker the 
keys to all the doors in the system. 

The hacker was like a cuckoo bird; 
laying eggs in other birds’ nests. The 
survival of the cuckoo chicks 
depends on the ignorance of the 
other species to raise the young. The 
hacker laid egg-programs, let the sys¬ 
tem hatch it and feed him privileges. 

On VMS systems the hacker relied 
on the carelessness of system 
managers who failed to change the 
original passwords. For example, the 
account SYSTEM, with the 
password MANAGER, gives the 
hacker complete privileges. 

The hacker didn’t pick locks. Instead 
he preyed on careless system 
managers who failed to completely 
secure their computers by locking 
the backdoors. 

By exploiting these bugs the hacker 
made attacks on about 400 Milnet 
computers. From Germany, he 
crossed the Atlantic ocean either by 
TAT-6 cables on the ocean floor or 
via satellite through Tymnet, then 
Lawrence Berkeley Laboratory, 
across the Milnet to defense contrac¬ 
tors and universities across the 
United States. 

This story provides an interesting ac¬ 
count of one man’s struggle to 
protect America’s military secrets 
without the help of the FBI, the CIA 
or any other national agency.fi 


WAN Security continued from page 7. 

Eventually, it took three steps to 
stop the virus. First, the key weak¬ 
ness of the virus was that if users 
didn’t manually run it then it could 
not spread so users were told to not 
run this program. Second, many sys¬ 
tem managers deleted all the copies 
of the Christmas Virus they could 
find on their system. Finally, BIT- 
NIC wrote a virus to find the 
Christmas Virus and destroy it This 
new virus was smart enough to kill 
itself off after a period of time. 

Occasionally, new infections of the 
Christmas Virus periodically crop 
up, but they have never been as bad 
as the original. Modified versions of 
the Christmas Virus also exist, such 
as DIR EXEC. 

KGB Hackers 

In August 1986, ex-astronomer Clif¬ 
ford Stoll at Lawrence Berkeley Labs 
started tracking down a 75 cent ac¬ 
counting error on their computer 
system [see companion story on this 
page — ed.j. Fhirly quickly, he dis¬ 
covered that an account had been 
created on his system without any of 
the systems people knowing about it 
Then a couple of days later, he 
received a mail message from 
another site saying that someone 
from LBL was attempting to break 
into their computer. Upon further 
investigation. Cliff discovered that 
someone had system privileges il¬ 
legally. 

Instead of just locking the hacker 
out, he decided the best course of 
action was to allow the hacker to 
continue using LBL’s computer 
while he would tiy to track the hack¬ 
er back to his source. Initial contact 
with the Police and the FBI led to no 
results. These agencies only saw the 
problem as a 75 cent theft instead of 
the invasion of privacy it was. 

Over the next several months, Stoll 
learned that the hacker was after in- 


Page 8 


June 1990 


Benchmarks 


GENERAL INFORMATION 


The most common security hole on Wide Area Networks 
tend to be return addresses on MAIL. 


formation on several military 
projects and had broken into 
hundreds of computers on TYM¬ 
NET and the Internet Even though 
Classified information is not kept on 
networked computers, much can be 
learned from what is on them. After 
several gyrations, the hacker was 
tracked back across the country. 
Eventually, an FBI agent on the East 
Coast became very interested in the 
case. This was a key break. 

The trace continued and the hacker 
was eventually found to be in West 
Germany. One by one the CIA, the 
NSA and the West German Police 
became involved. Cliff's girlfriend 
came up with a plan to keep the 
hacker on the line for a longer 
period of time. They started creat¬ 
ing files about a fictitious secret net¬ 
work called SDINET Finally, the 
hackers were caught with this plan. 

The hackers turned out to be mem¬ 
bers of the Chaos Computer Club. 
The CCC is a group of computer 
hackers in West Germany that 
believe that all information should 
be publicly available. These par¬ 
ticular members became involved 
with selling US military information 
to the KGB. The West German 
Police seized the hackers’ computer 
equipment, disks, and printouts. All 
the hackers but one quit their ac¬ 
tivities immediately. A year later, 
some of the hackers admitted their 
involvement in the incident and 
helped the police. Charges were 
bought up against the other mem¬ 
bers. In the end, three hackers were 
put on probation. Another one of 
the hackers committed suicide. 

The method used by these hackers 
involved taking advantage of Unix 
security flaws and poor password 
management used by some system 


managers. These Unix security flaws 
have been corrected. Also, during 
roughly the same time period other 
Chaos Computer Club members at¬ 
tacked SPAN using bugs in VMS 4.4 
security, which have since been fixed. 

Internet Worm 

Sometime around 6 PM EST on 
November 2,1988 the most famous 
computer virus (technically a worm) 
in history was introduced into the 
Internet by Robert Morris, the son 
of a famous computer security 
analyst working for the NSA [Inter- 
estingfy, Morris Sr. plays an important 
role in the events described in The 
Cuckoo’s Egg — edL\. The worm 
spread like wildfire infecting 
hundreds if not thousands of com¬ 
puters in a matter of hours. The only 
computers that were suspectable 
were Sun 3 systems and VAXes run¬ 
ning BSD 4.3 Unix. Within 24 
hows, solutions to stop the worm’s 


spread had been found. Many sites 
cut themselves off the network to 
protect themselves against the 
worm. Full Internet connectivity was 
not restored for weeks after this. 

The worm’s only purpose was to 
spread itself to as many machines as 
possible. The original intent was to 
have only one worm per computer, 
but due to a bug so many copies of 


the worm were on some computers 
that it slowed them down to a halt. 
The worm took advantage of several 
Unix security bugs. In addition, the 
worm attacked password security 
too. Bug fixes have been distributed 
for all the security holes. Robert 
Morris was given three years proba¬ 
tion, a $10,000 fine, and must per¬ 
form 400 hours of community ser¬ 
vice work. 

The WANK Worm 

In mid-October 1989, the WANK 
(Worms Against Nuclear Killers) 
worm attacked SPAN (NASA’s 
DECnet network). The goal of the 
worm was to put a message protest¬ 
ing nuclear war in VMS computers’ 
login screens. The worm utilized all 
different kinds of attacks. However, 
it was very easy to destroy and 
prevent. 

Forging Addresses 


The most common security hole on 
Wide Area Networks tend to be 
return addresses on MAIL. It is pos¬ 
sible on BITNET, the Internet, 
DECnet, UUCP, and possibly on 


other networks to forge MAIL ad¬ 
dresses. Fortunately, methods for 
exploiting these problems are not 
known by most users, but still the 
potential for havoc is great Interac¬ 
tive addresses can be forged as welL 
If you are in doubt whether or not a 
message has been forged, the easiest 
way to tell is based on the sender’s 
writing style. 


If you are in doubt whether or not a message has been 
forged, the easiest way to tell is based on the sender’s 
writing style. 


Benchmarks 


June 1990 


Page 9 


GENERAL INFORMATION 


Implementation of WAN 
Security 

Many users expect the Wide Area 
Network to protea the computers on 
it from hackers and worms. It is im¬ 
possible for the network to do this 
because telling the difference be¬ 
tween a legitimate application and a 
virus is hard for a human much less a 
computer. A good comparison 
would be to expea the phone com¬ 
pany to make it impossible to place 
obscene phone calls. Most, if not all, 
security must be host based. 

An important part of this security is 
good password security. If users pick 
poor passwords, then a system will be 
easier to penetrate. A good 
password should be at least six char- 
aaers long and not in the diaionary. 
Bad password choices include your 
userid and parts of your name. Some 
systems such as the VAX support a 
password generator (it can be used by 
typing SET PASSWORD/ GENERATE), 
that picks good passwords. Also, 
never tell anyone else what your 
password is. Finally, never write 
your password down on a sheet of 
paper or store it in a text file on a 
computer. 


Another key is for the System 
Manager to install security fixes im¬ 
mediately. Related to this is to never 
run any executable programs from 
an unknown source. If other users 
on the network give you a program, 
it is wise to get the source code for 
the program, look over the source, 
and then compile it yourself. 

Finally, it is important to keep the 
number of people that can write files 
into an account or the system of a 
computer to an absolute minimum. 
Unfortunately, many systems take 
this to an extreme where the 
computer’s useability suffers. 

Conclusion 


WAN Security is currently a major 
issue and will continue to be for the 
next several years. Computer ven¬ 
dors and users alike need to par¬ 
ticipate in developing and im¬ 
plementing better computer security 
systems. Unless computer security 
improves, the Wide Area Networks 
may have limited growth or even 
possibly die out over time. 9 


Lesk and A.S. Cohen and the pro¬ 
gram they wrote to implement the 
idea was Unix to Unix Copy, or 
UUCP. The idea caught on just 
about the same time Unix was taking 
off in popularity. 

As the number of computers that 
could UUCP to each other grew, the 
first wide-area network was born. It 
slowly grew to the size it has today of 
over 11,000 nodes, or individual 
computers. The UUCP network, 
named after the primary software 
used for communication across the 
network in its early days, now 
provides much more than simple file 
copying. The UUCP network now 
provides electronic mail, network- 
based news services and, of course, 
file transfer services between each 
computer on the network. 

Elearonic mail (e-mail) is a kind of 
computer-based postal system where 
people can send messages back and 
forth to each other elearonically 
without ever having to print them 
out on paper. 

UUCP news is not unlike e-mail. 
The network of computers where 
people read, write and distribute 
news is called Usenet. Most, al¬ 
though not all, of this service takes 
place on UUCP. Because of it’s 
popularity, though, the service is also 
available from the NSF-Internet and 
BITNET wide area networks. 
Usenet news is comprised of several 
hundred newsgroups. These 
newsgroups are forums for ongoing 
discussions on an endless variety of 
topics ranging from specific com¬ 
puter languages and architeaures to 
cooking, horseback riding, politics 
and religion. When a person sends 
e-mail to a news group, the message 
is automatically sent out to every 
computer on the network that sub¬ 
scribes to that particular news group. 
That way, each person who reads and 
posts to a news group is literally car¬ 
rying on a dialogue with hundreds, 
often thousands, of other people at 
the same time. 


The Secret Service, UUCP, 
and The Legion of Doom 


By Kevin Mullet, Data Communication Analyst (Bmrer. kev@ltntvax) 

UUCP 

B ack in 1978, a couple of bright fellows at AT&T’s Bell Labs, where the 
Unix operating system was developed, wondered if computer files could 
just be copied from one computer to another over a cable. State of the art data 
transfer back then meant writing data to paper cards or magnetic tape and 
reading them in on another computer. The chaps with the bright idea were M.E. 


Page 10 


June 1990 


Benchmarks 






GENERAL INFORMATION 



LIST of the Month 

Each month we will highlight one of the BITNET LISTSERV 
| Special Interest Group (SIG) mailing lists. This month's list.. 

VIRUS-L@LEHIIBM1 

Coordinaton LUKEN@LEHIIBM1 (Kenneth R. van Wyk) 
VIRUS-L is a forum specifically for the discussion of com¬ 
puter virus current events, protection software, and other 
virus related topics. The list is open to the public and is a 
digest format list 

This mailing list will keep you informed of all the new Viruses 
which may show up on various computer systems. Discussions 
also include how to prevent viruses from spreading and how 
to disarm various viruses once they have infected your com¬ 
puter system. To subscribe to this list send the following com¬ 
mand via interactive message or as the first line of a mad 
message to LISTSERV@LEHIIBM1: 

SUB VIRUS-L <firstrmme lastname> 



prevent you from reading any of your 
messages. If you wish further infor¬ 
mation, type HELP MAIL at MUSIC 
•GO mode, or read the help informa¬ 
tion provided as part of the MAIL 
facility (PF1). 

Sending and Receiving BITNET 
Mail on CMS 

The CMS mail system allows you to 
send and receive mail, manage log 
files containing mail messages, and 
set up a names file containing nick¬ 
names for BITNET addresses. The 
three programs that perform these 
functions are respectively MAIL, 
MAILBOOK, and NAMES. A com¬ 
plete description of these programs 
may be obtained by typing HELP 
name at the CMS command prompt, 
where name is the name of the pro¬ 
gram for which you want informa¬ 
tion. You can also refer to the docu¬ 
ment A User's Guide to Electronic 
Mail on CMS, available at the Com¬ 
puting Center offices (ISB 119). 

The format for sending BITNET 
mail on CMS is MAIL userid AT 
node or MAIL tuerid@node. Note, 
however, that CMS normally inter¬ 
prets the @ character as meaning 
“delete the previous character." If 
you wish to use the second form of 
BITNET address, you must disable 
or change the CMS “delete charac¬ 
ter" by entering one of the following 
commands when you first log on: 

TERMINAL CHARD EL OFF 
(to disable the delete character) 

TERMINAL CHARD EL % 

(to change the delete character- 
in this example the delete 
character has been changed from 
@ to %) 

Either of these commands may be 
included in your PROFILE EXEC 
file. CMS MAIL will prompt you for 
optional “Tb:” name, “From:” name, 
and “Subject:” fields and then allow 
you to enter your message text. 


Typing MAIL without any address 
specification will instruct the MAIL 
program to check your CMS reader 
for any incoming mail messages. If 
you have received any messages, 
MAIL will enter its “read” mode and 
display a list of incoming maiL 

Tb create or modify a “names” file 
containing your list of nicknames, 
you type NAMES from the CMS 
command prompt. (For help within 
the NAMES program, use PF 1 .) If, 
for example, you frequently send 
mail to HARRYX at CZHRZU1A, 
you could define the nickname 
HARRY to represent that address, 
lb send mail to that address, you 
would only need to type matt. 
HARRY. 

CMS MAIL can allow the use of 
“gateway” addresses, that is, mail to 


other networks which must pass 
through a gateway, however, you 
must do a little work before you can 
send your mail. Suppose you have a 
gateway address which has a user-ID 
and node name which are longer than 
eight characters, for example, a user- 
named Scott with an address of 
USER31EM@UB.CC.UMICH. 
EDU. First, type NAMES to execute 
the names program. Type a nickname 
(Scott) for the gateway address in the 
nickname field of the NAMES 
screen. Next, press <Hb> until the 
cursor has moved to the first “Thg” 
field and type: userid press <iib> 
again to move the cursor to the 
“\&lue” field and type USER3IEM 

Then press <u.b> again and type: 
NODE <Tab> UaCC.UMICH.EDU. 
ARPA 


Benchmarks 


June 1990 


Page 17 



GENERAL INFORMATION 



The second “The" and “Value” fielsd should now contain the nodeinformatioa 

Press PF2 to add this entiy to your names Gle and exit the 

pressing PF3. You could send mail to that gateway address by typing MAIL 

SCOTT. 

Sending and Receiving BITNET Mail from the VAXcluster 

The VAX MAIL utility allows you to send and receive BITNET mail from the 
JSxaSaH sendBITNETmail, type MAIL from the VAX system prompt 
The VAX will respond with the following prompt: 

MAIL> 

At this point, you may type SEND and the VAX will prompt you for the 
infomatfon needed u/seTa message. When you see the ^ 
will need to enter the BITNET address in the following format. 
IN%“userid@node.BITNEr where userid is your correspondent s ID<»de 
and node is their BITNET node name. Once *he address fcis.been entered 
successfully, MAIL will prompt you for an optional subject fieldICSubjO 
then allow you to enter your message text. If you had received a BrTNET 
message, you could type READ at the “MAIL" prompt, and MAIL would 
display the message. 

Sending mail through gateways is a bit easier on the VAX. Fbr example, to send 
mail to someone at an “Arpanet” address you only need to enter: 
IN%"arpanet address ARPA’ where arpanet_address is the complete designa¬ 
tion for the Arpanet user-ID and node. For information on sending to other 
networks enter HELP NETWORKS at the $ prompt 
Unlike MUSIC and CMS, VAX MAIL has no names facility, however, you can 
include logical definitions for your most frequently used BITNET addresses m 
your LOGIN.COM file. If, for example, you frequently send mail to BAR- 
RYZ@ JPNKEKVM, you can put the following line in y our LO GIN.COM file. 
DEFINE BARRY IN%*”BARRYZ@JPNKEKVM.BITNET"“ 

Then, when you wish to send a mail message to that address, you may type MAIL 
at the VAX system prompt, type SEND at the “MAH.” prompt, “ d 
BARRY at the *Tb:" prompt For more information about the LOG IN .cum 
file, type HELP GETTING STARTED from the VAX system prompt 
Fbr further information on VAX MAIL, consult the help Information available 
from within the MAIL program (type HELP at the “MAIL" prompQ.g 


Internet continued from page 16 

contains WOCE project informa¬ 
tion, directories of oceanographic 
datasets, directories of oceanog¬ 
raphers, and oceanographic re¬ 
search ships’ schedules. Tb access 
OCEANIC, TELNET to 
DELOCN.UDEL.EDU and 
login as INFO. 

• PEN pages - The Pennsylvania 
Department of Agriculture main¬ 
tains a database of agricultural in¬ 


formation that is available to In¬ 
ternet users. 'Ib use PENpages, 
TELNET to PSUPEN.PSU. 
EDU and then login as PNOTPA. 

• SDDAS-SDDAS (Southwest Re¬ 
search Data Display & Analysis 
System) is a large database con¬ 
taining data from the Dynamics 
Explorer satellites 1 & 2. This 
data is useful for research in space 
physics, magnetospheric physics, 
and upper atmospheric dynamics. 
All potential users must first get 
verbal approval from Dr. J.D. 



BENCHMARKS FORUM is intended to 
serve as a vehicle for answering questions 
that may be of general interest to the user 
community. If you have a question, please 
send electronic mail to the Benchmarks 
editor (BrrNET; aso*®uktv»41) or write it 

down and drop itby the ComputingCenter. 

We will try to answer it in the next issue. 

Question: What Is the difference 
between a virus, Trojan Hourse and 
a Worm? 

Answer: A vims spreads by inserting 
itself into programs, causing them to 
insert it into even more programs. A 
trojan house, like the name implies, 
secretly does its dirty work while ap¬ 
pearing to do something else. A 
worm propogates itself over net¬ 
works, consuming network and con¬ 
nected computer system resources. 
Many articles in this issue of 
Benchmarks discuss these topics.fi 

Benchmarks Re*der/U**r feedback to” 
•ncouragod. Bend alt letter*, sugges¬ 
tion.,*^ 1o(AS04@UNTVM1), FAX 
fl7-565-4060 or to the Benchma/fc* 
Editor at: 

Academic Computing Servtcea 
Unlveratty of North Texaa 
ComputingCenter 
nt station, gys gv 

Box 13489 : I&SluSm] 

Denton,Tex*» 76203 *»—- * 


Winningham (512-522-3075). 
After receiving verbal approval, 
SDDAS is accessed by TELNET 
ESPSUN.SPACE.SWRI.EDU 
540. 

• SIMBAD-SIMB AD (Set of Iden¬ 
tifications, Measurements, and 


Page 18 


June 1990 


Benchmarks 




GENERAL INFORMATION 



UUCP and UNT 

At NT, the most popular way to be a 
part of these Usenet news groups is 
with the ANU program on the VAX 
Cluster. Through ANU, anyone 
with a VAX Cluster userid can take 
part in up to 366 different 
newsgroups. Messages from ail over 
the world can be read from the user’s 
terminal. 

Usually this system works flawlessly, 
but a few weeks ago something hap¬ 
pened. A computer and UUCP net¬ 
work node partially operated by 
AT&T called ATTCTC was seized by 
the US Secret Service as evidence in 
an ongoing nation-wide investiga¬ 
tion of data piracy, credit card and 
long distance dialing abuse, and 
computer security violation called 
Operation Sun Devil. When 
that happened, the umbilical 
cord between NT and UUCP 
was severed. 

An understanding of why this 
impacted NT requires an un¬ 
derstanding of how UUCP 
works. The great strength and 
weakness of many wide area 
networks is their reliance on 
“store and forward” technol¬ 
ogy. Wide area networks 
which use store and forward 
schemes typically communicate only 
with computers, or nodes, that are 
geographically close to them. If a 
node on one side of the world has 
some e-mail, news or a file to send to 
a node on the other end of the world, 
it simply passes the data to a com¬ 
puter close to it along with instruc¬ 
tions about the eventual destination. 
That computer, in turn,, passes the 
data on to a computer dose to it 
until, many nodes later, the e-mail, 
news or files reach their intended 
destination. 

The great strength of this scheme lies 
in its economy. Any particular site 
need only pay for connections to a 
nearby neighbor to access the rest of 
the world. This way, a large number 


of sites can affordably interconnect 
in a global wide area network. 

The frailty of this technology is its 
weakness. On a network where the 
cost is so low to connect, many sites 
don't arrange redundant routing in 
case a critical node goes down. NT 
was such a site. When ATTCTC was 
seized, all the nodes "downstream" 
from it, including NT, lost their 
UUCP access. All these sites had to 
scramble to contact other 
geographically close UUCP nodes 
that were “upstream” of ATTCTC to 
arrange for new UUCP access. 
Three days later, thanks to the Com¬ 
puter Science department at the 
University of Tfexas at Austin, NT 
was back online to UUCP, but for 
some other sites on the UUCP net¬ 
work, the story was just beginning. 


The rest of the story 1 

Sometime in December of 1988, 
Robert Riggs, a 20 year-old student 
of DeVry Tfechnical School, hacked 
his way into a computer at Bell South 

‘ The story related in this section is based 
on the various sources cited at the end of 
this article. As this issue goes to press, the 
story is continuing to happen. The ac¬ 
count of the events related here, although 
confirmed with two or three sources, is 
based on second-hand accounts and hear¬ 
say. Most of it is probably true. Some of it 
may not be. The best way to know for sure 
is to read the continuing first-hand ac¬ 
counts in Usenet newsgroups like 
com.dcom.telcom (Telcom digest) in 
ANU on the VAXdustcr. 


telephone company headquarters in 
Atlanta. Bell South provides 
telephone service for Alabama, Mis- 
sippi, Georgia, Tennessee, Ken¬ 
tucky, Louisiana, North Carolina, 
South Carolina and Florida. 

Riggs was a member of a group 
called the Legion of Doom. Mem¬ 
bers of this organization are hackers 
who illegally compromise the 
security of various computer and 
telecommunications installations on 
a regular basis in order to enhance 
their reputation within the com¬ 
puter underground. 

Once he gained access to the Bell 
South computer, Riggs stole a docu¬ 
ment describing some of the work¬ 
ings of the emergency 911 service. 2 
On 23 January, 1989 Riggs copied 
the file through the UUCP network 
to Jolnet, a public access Unix 
system in Lockport, Illinois 
and made it available to Craig 
Neidorf, an editor of an under¬ 
ground on-line magazine for 
hackers and phreakers (hack¬ 
ers who specialize in com¬ 
promising telecommunica¬ 
tions security). 

Phrack, the magazine edited 
by Neidorf, is published 
electronically through the 
UUCP and NSF-Internet net¬ 
works and on numerous BBS’s 
across the country which specialize 
in disseminating information about 
hacking and phreaking. The 
magazine, a mainstream publication 
in the computer underground, is 
generally considered required read¬ 
ing for hackers and phreakers. The 
content of Phrack ranges from actual 
and fictional accounts of breaking 
into computer systems to technical 
details of computer security and tele- 

2 The Bell South name for the stolen com - 
puter text file is BeU South Standard Prac¬ 
tice (BSP) 660-225-104SV-Control Office 
Administration of Enhanced 911 Services 
for Special Services and Major Account 
Centers. 


This account is based largely on 
the grand jury indictments against 
alleged Legion of Doom members 
and accounts by actual Legion of 
Doom members who posted to the 
Usenet group comp.dcom.telcom 


Benchmarks 


June 1990 


Page 11 




GENERAL INFORMATION 



In the years since 1985, when it began operation, 
Killer IATTCTC became a critical node on the national 
UUCP backbone. Computers throughout the southwest, 
and people who used them, depended on ATTCTC for 
Usenet news, electronic mail and UUCP file transfer 
services. 


communications systems. Sources 


close to the Phrack publishers assert 
that the magazine has always been 
careful to avoid publishing anything 
that was overtly illegal. 

Neidorf, a 19 year old political 
science major at the University of 
Missouri, used his userid on a school 
unix system to retrieve the Bell 
South 911 file from Jolnet. Once he 
got the file, he edited it, as advised by 
Riggs, to conceal its source. Neidorf 
and Riggs intended to eventually 
write an article about the 911 system 
in Phrack. 

The actual 911 file in question is a six 
page, 20 kilobyte document describ¬ 
ing some technical and administra¬ 
tive details of the emergency 911 sys¬ 
tem that Bell South uses for its nine 
state service area. 

Through the 911 system, Bell South 
customers can dial 911 and be in¬ 
stantly connected with a Public 
Safety Answering Point (PSAP). 
Computers called Electronic 
Switching Systems (ESS’s) are criti¬ 
cal to telephone routing. Once 
someone in the Bell South service 
area calls 911, an ESS ensures they 
are connected with an appropriate 
PSAP. The 911 system then allows an 
emergency operator to determine 
automatically what number and ad¬ 
dress the caller is calling from and 
alert the appropriate emergency ser¬ 
vice dispatchers. 

Obviously, the details of security 
around such a system should be very 
closely guarded The potential for 
loss of life and property if such a 


system were maliciously com¬ 
promised is enormous. 

The Plot Thickens 

Unknown to Riggs and Neidorf, 
Richard Andrews, the system ad¬ 
ministrator of Jolnet discovered the 
Bell South 911 file on his computer 
soon after it was transferred there. 
Andrews sent a copy of the file 
through the UUCP network to 
another computer system called 
“Killer" that was owned and 
operated by an AT&T employee, 
Charles Boykin. Andrews requested 
that Boykin forward the file to the 
appropriate authorities. Andrews 


didn’t prevent further access to the 
file, delete it or frustrate the efforts 
of Riggs and Neidorf. He also kept a 
copy of the file for himself. 

Several months later, Andrews 
received a call from someone at 
AT&T who asked for another copy of 
the file. Not soon after that, the 
United States Secret Service came 
paid him a visit. Andrews has been 


coopcratingwith the authorities ever 
since. It is largely through his 
cooperation that federal indictments 
have been returned against five al¬ 
leged members of the Legion of 
Doom: Robert Riggs, Craig Neidorf, 
Adam Grant, Franklin Darden, Jr., 
and Leonard Rose. 

On February 3rd, 1990, after receiv¬ 
ing Andrews’ cooperation for over a 
year, the Secret Service raided Jolnet 
and seized it as evidence. 

Killer Falls 

In 1989, the privately-owned UUCP 
node known as Killer, through which 
Richard Andrews alerted AT&T of 
the stolen 911 file, was moved to the 
Dallas Infomart It was used by its 
owner, Charles Boykin, and AT&T 
as a public demonstration system. It 
was given a new name, AT&T Cus¬ 
tomer Technology Center , or AT- 
TCTC In the years since 1985, when 
it began operation, Killer/ATTCTC 
became a critical node on the nation¬ 
al UUCP backbone. Computers 
throughout the southwest, and 
people who used them, depended on 


ATTCTC for Usenet news, 
electronic mail and UUCP file trans¬ 
fer services. On the 20th of February, 
1990, without any advance notice, 
ATTCTC was permanently shut 
down, leaving NT with no UUCP ac¬ 
cess. 

AT&T claims that the closure was 
due to lack of funds, although the 
system was privately owned and 


AT&T claims that the closure was due to lack of funds, 
although the system was privately owned and operated 
by Charles Boykin. Sources close to the Texas Unix 
community assert that ATTCTC was shut down and 
seized by the US Secret Service ... 


Page 12 


June 1990 


Benchmarks 



GENERAL INFORMATION 



When all was said and done that day, the Secret Service 
had taken the Illuminati computer, all staff personal 
computers and printers, modems, software, spare 
hardware, all material related to GURPS Cyberpunk, a 
laser printer, a bag of nuts and bolts and some candy off 
the desk of Creede Lombard, who ran the Illuminati 
BBS. 


operated by Charles Boykin. Sour¬ 
ces close to the Tfcxas Unix com¬ 
munity assert that ATTCTC was shut 
down and seized by the US Secret 
Service because two of its userids 
belonged to suspected members of 
the Legion of Doom. Various credit 
card numbers and long distance dial¬ 
ing codes were allegedly found in 
files owned by these userids. 

The Next Dominoes to Fall 

In Austin, there’s a small company 
called Steve Jackson Games that 
makes role playing games (a kind of 
grown-up make believe). In their of¬ 
fices, SJG ran a computer called Il¬ 
luminati. This system was used by 
staff and customers to develop new 
game ideas. SJG ran a BBS on Il¬ 
luminati though which customers 
could provide feedback based on 
testing of potential new games. One 
of these games was called GURPS 
Cyberpunk, named after the Cyber¬ 
punk genre of science fiction in 
which the plot often involves exten- 
sive penetration of computer 
security. 

The author of GURPS Cyberpunk, 
Loyd Blankenship, researched ways 
in which to lend a realistic “look and 
feel” to his game. In his research, he 
developed extensive contacts with 
the hacker and phreaker under¬ 
ground, and acquired a comprehen¬ 
sive library of Phrack magazines, 
which he stored on Illuminati 


On the morning of March 1st, 1990, 
the staff of Steve Jackson Games ar¬ 
rived at work to find that the Secret 
Service had forced their way into the 
building and were searching and 
seizing “computer hardware and 
software and records relating to 
computer hardware and software” 
for evidence in a “nationwide data 
piracy case” which Steve Jackson 
later learned was the Bell South 911 
case. 

When all was said and done that day, 
the Secret Service had taken the Il¬ 
luminati computer, all staff personal 
computers and printers, modems, 


software, spare hardware, all 
material related to GURPS Cyber¬ 
punk, a laser printer, a bag of nuts 
and bolts and some candy off the 
desk of Creede Lambard, who ran 
the Illuminati BBS. 

On the 20th of February, a member 
of the Legion of Doom who iden¬ 
tified himself as “Erik Bloodaxe” 
posted an anonymous electronic 
mail message to the Usenet news 


group Comp.dcom.teIcom saying, 
among other things, that: 

Frank [Darden, Jr.^ Rob 
[Riggs] and Adam [Grant] 
were all definately [sic] into 
very hairy systems. They had 
basically total control of a 
packet-switched network 
owned by Southern Bell 
(SBDN)... through this net¬ 
work they had access to 
every computer Southern 
Bell owned [...] 

On April 1st, in New York Newsday, 
a story appeared saying: 

A government affidavit al¬ 
leged that in June hackers 
believed to be Legion of 
Doom members planted 
software “time bombs" in 
AT&T’s 5 ESS switching 
computers in Denver, At¬ 
lanta and New Jersey. 

These programs ... were 
defused by AT&T security 
personnel before they could 


Elsewhere, Leonard Rose, sysop of a 
computer system called Netsys, was 
out driving his car one day when 
federal authorities pulled him over 
and arrested him. On the 15th of 
May, he was indicted with five felony 
counts and charged with various 
violations of interstate transporta¬ 
tion laws and the federal Computer 
Fraud and Abuse act. Federal 
prosecutors allege that Rose hacked 
his way into an AT&T computer and 


disrupt phone service. 


So far, during the course of their investigation, the US 
Secret Service and the FBI have raided 27 computer sites 
across the US and have seized the equivalent of23,000 
computer disks from suspects accused of contributing to 
over $50 million in system thefts and damages. 


Benchmarks 


June 1990 


Page 13 


GENERAL INFORMATION 


The Austin-based company Steve Jackson Games has 
been devastated by this affair. In the days since the Secret 
Service seizure, SJG has suffered a monetary loss of 
$100,000, had to lay off 8 of their 17 staffers, and cancel 
sixty percent of their 1990 product releases. 


stole some of the source code for 
version 3.2 of the Unix operating sys¬ 
tem. He is also charged with dis¬ 
tributing two “trojan horse” 
programs that would infiltrate a 
Unix computer and replace the 
legitimate login program. Once in 
place, the trojan horses acquired a 
valid userid and password each time 
a new person logged into the system. 
Rose, it is alleged, would later 
retrieve the list of stolen userids and 
passwords and gain any degree of ac¬ 
cess to a system that he wanted. 

So far, during the course of their in¬ 
vestigation, the US Secret Service 
and the FBI have raided 27 computer 
sites across the US and have seized 
the equivalent of 23,000 computer 
disks from suspects accused of con¬ 
tributing to over $50 million in sys¬ 
tem thefts and damages. The inves¬ 
tigation continues into people who 
have violated the security of federal 
research centers, schools and private 
businesses, and extends far beyond 
the theft of a single six page text file 
from Bell South headquarters. 

Craig Neidorf, the 19 year old 
University of Missouri student who 
allegedly received the 911 file from 
Robert Riggs, has pleaded not guilty 
to charges of violating the federal 
Computer Fraud and Abuse Act of 
1986. 

Charlie Boykin, the AT&T employee 
who ran Killer/ATTCTC and was in¬ 
itially alerted by Richard Andrews 
about the 911 file theft was pre¬ 
viously an active member of the 
Tbxas Unix community. He hasn’t 
been seen at any Unix function since 
the closure of ATTCTC. 


According to the Associated Press, 
U.S. Attorney William Cook was 
granted a motion to prevent the 911 
text file from becoming part of the 
public record during the trial. The 
trial of Riggs and Neidorf began on 
April 16,1990. 

The Austin-based company Steve 
Jackson Games has been devastated 
by this affair. In the days since the 
Secret Service seizure, SJG has suf¬ 
fered a monetary loss of $100,000, 
had to lay off 8 of their 17 staffers, 


tice system evaluates all property 
crime in monetary terms: if it doesn’t 
cost a lot of money, then there’s not 
a big crime involved. 

The Chicago indictment against 
Riggs and Neidorf charges them with 
the theft and interstate transport of 
something valued over $5,000, 
namely the 911 file. 3 In other words, 
the crime lies in stealing something 
worth a lot of money, not potentially 
endangering the safety of people in 
nine states. Typically, computer 
crime is only investigated if j large 
monetary loss can be proven.* 

Some users and system operators of 
networked large multi-user systems 
would probably tell you that the big 
deal is that such computer systems 
aren’t traditionally covered by com¬ 
mon carrier statutes. Common Car¬ 
rier laws are the laws that say if some¬ 
one plots a crime over the telephone 
or through the US mail, the 


Federal authorities are placing a burden of respon¬ 
sibility on owners and operators of such computers to 
know the legality of everything stored on their computer 
system. On a system such as the NT VAX Cluster, that 
means knowing completely what’s on 4.3 gigabytes of 
disk storage, and reading over 100 megabytes of wide 
area network traffic each week. 


and cancel sixty percent of their 1990 
product releases. Jackson has ap¬ 
proached the American Civil Liber¬ 
ties Union for assistance. 

The Real Issues: 

What’s the big deal? 

That depends on who you ask. 

The Secret Service would probably 
tell you that any violation of com¬ 
puter security is a serious affair. Un¬ 
fortunately, the current criminal jus- 


telephone company and the US 
Postal System cannot be held ac¬ 
countable for what was plotted over 


3 Bell South values the six page 911 text 
file at 579,499.00. 

'Read Clifford Stoll’s The Cuckoo’s Egg 
[see page 7 for a review] for an excellent 
account of how federal authorities 
resisted involvement in violation of na¬ 
tional defense computer security by a 
German hacker employed by the USSR 
because less than a million dollars in 
monetary loss was involved. 


Page 14 


June 1990 


Benchmarks 



GENERAL INFORMATION 


Someone would have to read up to sixty four thousan d, 
vms of text each week in order to be completely ap¬ 
praised just onjisxJnformation that is either stored on 
the VAX cluster or passes through it on their way to 
another computer each week. 


their common comer. This is not the 
case with computer bulletin boards 
and network nodes, however. 
Federal authorities are placing a bur¬ 
den of responsibility on owners and 
operators of such computers to know 
the legality of everything stored on 
their computer system. On a system 
such as the NT VAX Ouster, that 
means knowing completely what’s 
on 43 gigabytes of disk storage, and 
reading over 100 megabytes of wide 
area network traffic each week. In 
other words, someone would have to 
read up to sixty four thousand pages 
of tea each week in order to be com¬ 
pletely appraised just on new infor¬ 
mation that is either stored on the 
VAX cluster or passes through it on 
their way to another computer each 
week. If the NT Computing Center 
employed five people who could read 
100 words a second to do this, and 
they worked twenty four hours a day 
without stopping, it would still take 
them twenty three days to read a 
week’s worth of wide-area network 
traffic 


they would need to be foreign lan¬ 
guage interpreters as welL 

Imagine a company that owns a 
telecommunications satellite being 
held responsible for aU the conversa¬ 
tions in all the languages that are 
going through it at all times. It’s a 
ridiculous thought and no legal 
authority would expect that of RCA 
or NASA. However, the equivalent 
is expected of every BBS in the 
country and every wide area network 
node at this moment. 

Unless lawmakers grant the same 
legal protection to computer bul¬ 
letin boards and network nodes as 
the US Mail and telephone carriers. 


rested and tried will it become ap¬ 
parent that seizing the computers 
they use as conduits makes as much 
practical sense as seizing the laser 
printer at Steve Jackson Games, not 
to mention the candy on Creede 
Lombard's desk. 

In the case of computer security, the 
best and only effective offense is a 
good defense. No computer system is 
impregnable, but there is a point at 
which every hacker will decided that 
penetrating a system is more trouble 
than it’s worth. It is especially impor¬ 
tant that all managers and system 
administrators of computer BBS’s 
and network nodes be mindful of 
this. 

Just as barbed wire spawned a bur¬ 
geoning wire cutter market, the 
popularity and usefulness of com¬ 
puter-based communication will en¬ 
sure that there are always going to be 
hackers and phreakers. There is a 
fine line between making a computer 
secure enough to avoid compromise 
by a hacker, and accessible enough 
not to discourage legitimate use. 


There is a fine line between making a computer secure 
enough to avoid compromise by a hacker , and accessible 
enough not to discourage legitimate use. 


And to make matters worse, NT is, 
for all practical purposes, an end 
node on the wide area network cir¬ 
cuit. Most traffic that passes through 
here is eventually bound for some¬ 
one at NT For most wide area net¬ 
work nodes, this is not the case. A 
site like UT at Austin, or Rice 
University has traffic passing 
through it, briefly being stored 
before being forwarded, for many na¬ 
tional as well as international sites. 
For those sites, not only would they 
need to hire many more people, but 


computer users in the not-to-distant 
future will only be able to look back 
at the age of electronic mail and 
Usenet news. 

People like the Legion of Doom have 
forced federal authorities apply ex¬ 
isting laws to computers before they 
have sufficient technical preparation 
to do so. Unfortunately, it looks like 
the only solution to inappropriate 
seizures of computers by the Secret 
Service and FBI is the education that 
lawmakers and law enforcers will 
receive through the courts. Once 
more phreakers and hackers are ar- 


The best managers of computer sys¬ 
tems will continue to walk that line 
without disturbing the network of 
trust that makes such systems the 
powerful tools they are. 5 


Kevin Mullet is a data com- 
municatin analyst in the NT 
Computing Center. He may be 
reached by electronic mail at 
kev@vaxAacs.unt.edu. This 

article may be retrieved as a 
VVT51 document by anonymous 
FTP or from the Novell network 
server, NTVAXB as a postscript 
source in file Dooml50.ps 


Benchmarks 


June 1990 


Page 15 



GENERAL INFORMATION 


More Internet 
Databases 


THE BITNET CONNECT 

By Dr. Philip Baczcwski, BITNET INFOREP (amrer Acwswmii) 


w 


By Billy Barroo, VAX System Manager 

(B1TOFR BnXY«UNIVAX) 

T his article is a continuation of 
the article that appeared in the 
April/May 1990 issue of Bench¬ 
marks. In the first article it was stated 
that the Internet is a collection of 
interconnected networks that span 
the world. It can be accessed 
through the VAXcluster or some¬ 
times, through CMS Mail. Many 
databases containing information on 
a wide variety of topics are available 
to Internet users. Following are 
descriptions of some of these 
databases not covered in the pre¬ 
vious article. 

• NETLIB - Netlib is a library of 
public domain mathematical 
software. The software includes 
routines for linear algebra, 
benchmarking, curve fitting, 
FFTk, linear programming, dif¬ 
ferential equations solvers, non¬ 
linear optimization, and matrices. 
For more information, send a one 
line mail message to NETLIB 
@RESEARCH.ATT.COM. The 
line should contain SEND 
INDEX. NETLIB questions 
should be directed to Jack Don- 
garra (DONGARRAH@CS. 
UTK.EDU) at Oak Ridge Na¬ 
tional Laboratory and Eric 
Grosse (EHG@RESEARCH. 
ATT.COM) at AT&T Bell Labs. 

• OCEANIC-The Ocean Network 
Information Center (OCEANIC) 
has a database of oceanographic 
information. This information is 
primarily used to support the 
World Ocean Circulation Experi¬ 
ment (WOCE), but is available to 
Internet users also. OCEANIC 


Continued on page 18 


Th/s Column Is a continuing feature of Benchmarks intended to present 
news and Information on various aspects of the BITNET wide area 
network. 

Sending Mall Over BITNET 

E lectronic mail is possibly the most frequently used BlTNETservi^Users 
of all three UNT mainframe systems (CMS, MUSIC, and VAX/VMS) are 
able to send mail over BITNET, using the mail facilities that are available on 
those systems. If you are not familiar with the mail facility on the mainframe 
system you are using, consult the help information available for that particular 
mail program. The following discussion centers on sending BITNET mail when 
using those facilities. 

Sending and Receiving BITNET Mail on MUSIC 

The MUSIC/SP MAIL facility can provide easy communication with other 
users of MUSIC, or with users of systems other than MUSIC (remote systems). 
These remote systems include CMS and the Vax Cluster, but also include any 
other BITNET nodes. 

Tb use the MAIL facility, type MAIL SEND from MUSIC *GO mode. When 
you are prompted to enter the ID code for the receiver of the message, you must 
enter the receiver’s BITNET address in the following format: userld@node, 
where userid is your correspondent’s ID code and node is the remote system s 
BITNET node name. You can also specify a file name where a copy of your 
outgoing message is logged, whether or not you wish the message to be acknow¬ 
ledged, and If you wish the message text to be read from a file. Typing MAIL 
alone will cause the MAIL program to check your mailbox for messages and 
display any you have received. 

The MUSIC MAIL facility also includes a program which allows you to specify 
nicknames for the BITNET addresses you use frequently. Tb create or modify 
a “names" file containing your list of nicknames, type NAMES from GO mode. 
(For help within the NAMES program, use the PF1 function by pressing 
<ESCxt>). If, for example, you frequently send mail to LARRYW at NUS- 
DISCS, you could define the nickname LARRY to represent that address. Tb 
send mail to that address, you would only need to type LARRY in the Tb: field. 

Because MUSIC limits the user-ID and node fields to the eight-character length 
imposed by RSCS, BITNET mail from MUSIC cannot usually be sent through 
gateways. Mail sent through gateways often has an address in which the user-ID 
and/or the node portion is longer than eight characters. There are techniques 
for specifying these addresses on both CMS and the VAX, however no provision 
for gateways is available on MUSIC 

It is especially important that if you frequently receive mail through BITNET; 
that you read, log (if desired), and purge mail DAILY. Failure to read and purge 
your BITNET mail on a regular basis can cause your mailbox to become full, 
cause messages to be “backed up” waiting to get into your mailbox, and possibly 


Page U 


June 1990 


Benchmarks 



GENERAL INFORMATION 



Bibliography for Astronomical 
Data) is a database on astronomi¬ 
cal objects. SIMBAD is accessible 
over the Internet, but requires an 
account to be set up. For more 
information about gaining access 
to SIMBAD, send E-mail to sim- 
bad@cfa.harvard.edu or call 
(617) 495-7301.# 


Seminars 
Offered to 
Faculty, Staff 


By Claudia Lynch, Benchmarks Editor 
(BITNET AS04@UNTVM1) 


E ach semester, classes are of¬ 
fered by Academic Computing 
Services’ Microcomputer Support 
staff for the University Personnel 
Office’s Training and Development 
Program “Hands-On Computer 
Seminars." These seminars are 
available to all faculty and staff 
members. According to information 
provided by the Personnel Office: 
“Your participation in Personnel- 
sponsored programs is considered a 
part of your working hours, and your 
supervisor’s approval is required for 
you to register for training if you are 
a staff member. A record of the 
programs you attend is a part of your 
permanent personnel file.” 

Contact the Personnel office for 
more information and to register for 
the following classes that are being 
offered this summer 

• Introduction to Microcomputers 
and DOS. 

• Introduction to WordPerfect 
• WordPerfect 5.1 Conversion. 

• Introduction to PlanPerfectB 



1990 Summer Short Courses 


Academic Computing Services 
University of North Texas 
Computing Center 



tie Computing Center is offering the following short courses for the 1990 
summer semesters. Please pre-register to attend (a registration form can 

m/h 'IS if' thC Cnd u f S'? isSUe )’ A maxlmum of 10 People will be admitted to 
“5 e ,|~ UrSeS he *J S J SB 110> A maximum of 7 people will be admitted 

GraphIcs A maximum of 8 people will 
be admitted to each of the courses held in ISB 123. 


PLEASE NOTE: Faculty and students have first priority to register for these 
classes, staff members •• MUST •• register through the personnel office! 

MAINFRAME COURSES 

L L n ^St MUS f C ^ P * MUSICVSP is an interactive operating sys¬ 
tem employed by academic users to access the Academic HDS/8083 IBM- 
compatible mainframe computer at UNT. MUSIC is primarily used to 
submit batch jobs to the MVS operating system, providing access to a 
vanety or programming languages and several statistical analysis pack- 
ages. t opics covered include gaining access over the Local Area Net¬ 
work, logging on and off, changing your password, and creating, editing, 
and storing files using the full-screen editor. Additional topics that may 
be covered, depending on available time, are: accessing on-line help 
facilities, using electronic mail, routing output to high-speed printers, 
and writing files to secondary storage such as disk and tape. 

Introductory sessions to MUSIQSP will be held in Room 110 of the 
Science Library (ISB) on a bi-weekly basis. NO PRE-REGISTRATION 
FOR THESE COURSES. Consult the HELP DESK 
(565-4050) for a schedule of classes and/or to request a class on a 
specific day. All courses will be taught by Help Desk staff. 

2. Introduction toIBM Job Control Language (JCL) - This course provides 
an overview of IBM JCL for users who wish to further their knowledge in 


Benchmarks 


June 1990 


Page 19 





this area. It is useful to in¬ 
dividuals who plan to run batch 
jobs (e.g. SAS, SPSS-X) on the 
IBM-compatible mainframe 
computer. 

A two-hour session to be 
held in the Academic 
Computing Conference 
Room (ISB123): 

• Monday, June 11:3-5 p.m. 

Instructor. George Morrow 
3. Introduction to SAS - SAS is 

one of the most widely imple¬ 
mented data analysis systems 
within business and education. 

SAS is particularly well suited 
for dataset manipulation and in¬ 
cludes an extensive procedure 
library providing a wide range 
of analytical tools. This course 
is recommended for individuals 
who plan to incorporate statisti¬ 
cal analyses into their research. 
Topics covered include the read¬ 
ing of data into SAS, simple 
data transformations recoding 
variables, labeling output, and 
performing simple univariate 
and bivariate analyses. 

A two-hour session to be 
held in the Academic 
Computing Conference 
Room (ISB 123): 

• Friday, June 8: 

l(h30 aJt-1230 pan. 
Instructor. Panu Slttlwoog 
4, Introduction to SPSS-X - SPSS- 
X is the latest version of this 
popular data analysis system 
originally developed for social 
scientific research. While SAS 
is slightly more powerful for the 
analysis of complex datasets, 
many users find SPSS-X to be 
easier to learn. SPSS-X also in¬ 
cludes more flexible facilities 
for collapsing and labeling vari¬ 
ables. This course is recom¬ 
mended for individuals who 
plan to incorporate statistical 
analyses into their research. 
Topics covered include the read¬ 
ing of data into SPSS-X, simple 
data transformations, recoding 


variables, labeling output, and 
performing simple univariate 
and bivariate analyses. 

A two-hour session to be 
held in the Academic 
Computing Conference 
Room (ISB 123): 

• Friday, June 15: 

8 J 0 - 10 J 0 a.m. 

Instructor. Phanlt 

Laoslrirat 

5. Introduction to CMS - CMS is I 
an interactive operating system 
employed by academic users to 
access the Academic HDS/8083 
IBM-compatible mainframe 
computer at UNT. CMS users 
have access to a variety of 
programming languages, a 
sophisticated text processing 
system, and several statistical 
analysis packages. Topics 
covered include gaining access 
over the Local Area Network, 
logging on and off, changing 
your password, and creating, 
editing, and storing files using 
the full-screen editor. Addition¬ 
al topics that may be covered, 
depending on available time, 
are: accessing on-line help 
facilities, using electronic mail, 
and routing output to high¬ 
speed printers. 

A two-hour session to be 
held in the Academic 
Computing Conference 
Room (ISB 123): 

• Friday, June 8: 

8J0-10J0 a.m. 

Instructor. Philip 
Baczewsld 

4. Introduction to VAX/VMS - 
VMS is the interactive operat¬ 
ing system used on the Digital 
Equipment Corporation (DEC) 
VAXcluster. The VAXcluster 
supports a variety of applica¬ 
tions. The topics covered in this 
course include gaining access to 
the VAXcluster through the 
Local Area Network, logging in 
and out, changing your 
password, creating files and 


directories, creating login com¬ 
mand files, using the EDT 
editor, defining logicals and 
symbols, and electronic mail. 

A two-hour session to be 
held in the Science library 
(ISB 110): 

• Friday, June 8: 

&30-l(h30 a.m. 

Instructor. Mark Thacker 
7. Introduction to BITNET - BIT- 
NET is a network linking more 
than 600 computers at over 300 
institutions and research 
centers. This course covers the 
basic concepts of BITNET, file 
transfers across BITNET sites, 
and other services that are avail¬ 
able on this computer network. 
Faculty and graduate students 
needing to exchange informa¬ 
tion with other universities and 
research institutions in the 
U.S., Canada, Europe, or Japan 
will benefit greatly from attend¬ 
ing this course. Prior knowledge 
of at least one of the following 
interactive operating systems Is 
required: CMS, MUSIC, 

VAX/VMS. 

A two-hour session to be 
held in the Academic 
Computing Conference 
Room (ISB 123): 

• Friday, June 15: 

10 JO a.m.-12J0 p.m. 
Instructor. Philip 
Baczewsld 

7. Introduction to the Internet 
and THENET - The Internet is 
a collectin of realted computer 
networks that link thousands of 
computers throughout the 
world. THENET is a network 
that connects universities, re¬ 
search institutions, and state 
agencies in the state of Texas. 
This course covers basic con¬ 
cepts, file transfer, remote 
login, and other services avail¬ 
able on the networks. Faculty 
and students needing to ex¬ 
change information with other 
universities, government agen- 


Page 20 


June 1990 


Benchmarks 


ties, companies and research in¬ 
stitutions or between the 
various machines on the Univer¬ 
sity of North Texas campus 
would benefit from this course. 
Prior knowledge of at least one 
of the following interactive 
operating systems Is required: 
VAX/VMS, Unix, MS-DOS, 
MAC 

A two-hour session to be 
held in the Academic 
Computing Conference 
Room (ISB 123): 

• Friday, June 22: 

10:00 a.m.-Noon 
Instructor: Billy Barron 

MICROCOMPUTER 

COURSES 

1. Introduction to Microcomputer 
Labs: ISB 110, Willis Library, 
Graphics Lab - Special em¬ 
phasis is placed on the unique 
features of networked 
microcomputers in these labs. 
Topics such as accessing file ser¬ 
vers and printing to remote 
printers available to UNT stu¬ 
dents will be covered. 

Two separate one-hour 
sessions to be held in the 
Science Library (ISB 110): 

• Monday, June 11: 
330-530p.m. 

Instructor: Staff 

• Wednesday, July 11: 
330-530p.ro. 

Instructor: Staff 

2. Introduction to Microsoft 
Word - Basic word processing 
in a Macintosh environment 
using Microsoft Word. 

A two 1/2 hour session to 
be held in the Graphics 
Lab (ISB 6): 

• Friday, June 22: 

10 a.m.-1230 p.m. 

Instructor: Pro Systems 
Staff 


Remember... 

2ES; cuslorni2cd ” short courses for their clas- 
•ea. call 565-2324 for more information.8 


3. Introduction to WordPerfect, 
Version 5.1 - An Introduction 
to the major features of Word¬ 
Perfect 5.1 including cursor 
movement, deleting and insert¬ 
ing, changing margins and spac¬ 
ing, using current system date, 
blocking and moving, speller, 
thesaurus and printing docu¬ 
ments. Prior knowledge of basic 
DOS commands required. 

Bring one 5 1/4* low density for¬ 
matted diskette. There Is no dif¬ 
ference between WP 5.1 and 5.# 
at the Introductory leveL If you 
are comfortable with 5.0 do not 
take this class. 

A three-hour session to be 
held in the Science Library 
(ISB 110): 

• Friday, June 29: 

9 aan.-Noon 

Instructor. Sandy Franklin 

4. Introduction to Procomm Plus - 
An overview of the Procomm 
communications package for 
Personal Computers or com¬ 
patibles is presented. Procomm 
provides several different ter¬ 
minal emulation modes, and 
supports several file transfer 
protocols including KERMIT 
and XMODEM. Topics covered 
include setting communications 
and file transfer parameters, set¬ 
ting up and using Procomm’s 
dialing directory, and connect¬ 
ing to UNT host computers 
through the local area network. 

A one-hour session to be 
held in the Academic 
Computing Conference 
Room (ISB 123): 

• Friday, June 22:9-10 a.m. 

Instructor: Anto 

Prijosoesllo 


5. Introduction to SAS PC - This 

course covers the basics of using 
SAS PC, Version 6.03, for IBM 
and compatible PCs. Topics 
covered include using the SAS 
Display Manager, loading files, 
selecting variables and running 
statistical analyses. Emphasis 
will be placed on running SAS 
in interactive mode. Prior 
knowledge of the SAS command 
language or attendance in the 
Intro to SAS course Is required. 

A three-hour session to be 
held in the Science Library 
(ISB 110): 

• Friday, June & 

1030 a.m.-1230 p.m. 
Instructor: Phanlt 
Laoslrirat 

6 . Introduction to SPSS PC+ - 
This course covers the basics of 
using SPSS PC+, Version 3.1, 
for IBM and compatible PCX 
Topics covered include using 
the menu and help interfaces in 
REVIEW, loading files, select¬ 
ing variables and running statis¬ 
tical analyses. Emphasis will be 
placed on building files for ex¬ 
ecution interactively.Prior 
knowledge of the SPSS-X com¬ 
mand language or attendance 
In the Intro to SPSS-X course 
Is required. 

A three-hour session to be 
held in the Science Library 
(ISB 110): 

• Friday, June 15: 

10:00 a.m.-Noon 
Instructor: Panu 
Sittlwong S 


Benchmarks 


June 1990 


Page 21 



MICROCOMPUTERS 


Maczilla -vs- the Slime Monsters 


or 

Computer Virus Prevention on the Macintosh 

By Chad Irby, Microcomputer Support Consultant (Brmm ac*»uhivax) 

M acintosh computers are well-known for being easy to use. They are also 
well-known for being the first computers to suffer under the virus 
plague of the 1980s. There are several different strains of Macintosh viruses, 
but so far, none of them have done the severe damage found in the MS-DOS 
world. 

The public access microcomputer labs at the University of North Texas have 
been host to almost all of the various Macintosh viruses, and we assume that 
we will see more as time goes by. In the last six months, we have seen these 
strains: 


IN IT 29 

nVIR 

ANTI 


• Scores 

• WDEFA&B 


Most of the Mac viruses are designed to be harmless, but due to poor design by 
the virus programmers (frequently known as scum), they often cause odd system 
problems. 

Typical behavior of an infected Macintosh 

• Problems with printing — locks up or can't open printer. 

(Often caused by IN IT 29 infections) 

• Unexplained beeps on startup. 

(nVIR does this at random times) 

• Disk drive problems(Scores virus creates extra invisible files and fills drive) 
(INIT 29 causes This disk needs minor repairs message when the disk is OK) 

• Macintosh Portable or lid crash on insertion of floppy disk. 

(WDEF virus can cause this sometimes) 

• Mouse pointer moves erratically across screen. 

(ZUC virus —- not seen in this area yet, see article in adjacent column). 

• Unexplained system crashes. 

(Most viruses can cause this — IN IT 29 does this a lot) 

How to deal with the problem 

There are several products which can help you deal with Macintosh computer 


Macintosh 
ZUC Virus 


By Mike McCann, Oemsoo University 
(mmccann®hubcat.clemsohedu) 

This article is excerpted from the 
DICT Update (Vol. 13, #5, May 
1990), the newsletter of the Clemson 
University Division of Computing and 
Infromation Technology. Another 
Mac menace, a trojan, is described on 
page 28. — ed. 

T he latest virus to infect the 
Macintosh community is the 
ZUC virus (named after its dis¬ 
coverer, Don Zucchini). This virus 
was discovered in Italy in March 
1990 and infects applications only 
(applications do not have to be run 
to become infected). Once an in¬ 
fected application is run, the cursor 
bounces around the screen uncon¬ 
trollably when the mouse button is 
depressed. 

Some of the following problems 
have been reported: 

• Desktop patterns may change. 

• Slower launching of applications 
with increased disk activity. 

• The virus spreads between file 
servers and Macintoshes. 

There are two Shareware programs 
which are commonly used to get rid 
of the ZUC virus. Disinfectant 1.8 
and GateKeeper. 

• Disinfectant 1.8 is used to disinfect 
Macintosh diskettes and hard 
drives from all current Macintosh 
viruses including ZUC Disinfec¬ 
tant 1.8 must be run before it can 
work since it is an application not 
an INIT or CDEV. 

• GateKeeper is an INIT which is 
placed in the System Folder and 
used to detea and prevent infec¬ 
tion from the ZUC virus.fi 


Continued oo page 23. 


Page 22 


June 1990 


Benchmarks 



MICROCOMPUTERS 



Maczilla continued from page 22 


viruses. The most popular one is Dis¬ 
infectant, a program by John Norstad 
ofNorthwestern University. Disin¬ 
fectant is a free program which scans 
entire volumes for viral activity, then 
eliminates any infections it finds. 
Typical time for Inspection of a hard 
drive is about a minute. It is a very 
useful tool to own, and is updated 
every time a new strain is found. The 
current version (1.8) is available 
through the Macintosh labs here at 
the University. Another free pro¬ 
gram, Vaccine, will help prevent in¬ 
fections from happening, but won’t 
catch the newest bugs. 

Gate Keeper is free, and can prevent 
most infections, but takes more time 
to set up. It has the advantage of 
locking out any unfamiliar system ac¬ 
tivity, so it has caught several new 
viruses (the recent MDEF strain, for 
example) before anyone knew they 
existed. It is not a product for begin¬ 
ners, since the user has to configure 
it for the programs most commonly 
used on that machine. 

The most common commercial pro¬ 
gram for virus prevention is SAM, or 
Symantec Antivirus for the Macintosh. 
SAM scans the hard drive on startup, 
and automatically inspects each flop¬ 
py when you insert it into the drive. 
SAM is relatively easy to set up, and 
can be trained to check for new 
strains as they come along. SAM is 
available at most Macintosh 
software outlets at various prices.fi 


WordPerfect Users 
Group Meetings 

T he UNT WordPerfect 
Users Croup will continue 
to meet every third Friday from 
12 to 1 p.m. in Marquis Hall, 
Room 105. All WordPerfect 
users are invited to attend.fi 



Dus column is wended to serve as a forum for sharing useful tips on making more 
productive use of microcomputers. If you have a tip that you feel maybe of use to campus 
users, submit it to the Benchmarks editor for possible inclusion in a future issue 


Establishing Meaningful Relationships 


By Kyle Capps, Manager of Microcomputer Support 


j ^base III Plus and Dbase IV are relational database management systems, 
■“Jut ““X P^Ple do not understand the significance of the word “rela¬ 
tional and even fewer people have actually used this veiy powerful feature of 
Dbase. The Apnl/May 1990 Benchmarks Micro-Tip involved the creation of a 
relational database to store invoicing information. This month’s Micro-Tip 
“brrngs it all together" into a program that will print invoices from the invoice 
master database. 


Bringing It All Together 


We will assume that some invoice information has been entered into the 
databases INVMASTER and INVITEM to illustrate how the relations work 
at the printing of the invoice. The short program that is provided below 
assumes that you are somewhat familiar with the Dbase programming language 
and the program is compatible with both Dbase Ill-Plus, Dbase IV. and the 
Clipper compiler. 

Program Analysis 


A complete invoice printing program would be much more complex than the 
program listed on the following pages, but the program does provide the 
examples needed to understand relational database designs. In the program 
providedjwe have established several relations between databases as outlined 
on page 27. 


Benchmarks 


June 1990 


Page 23 




Invoice Program Listing 



•elect invi tan 
goto top 
rowpos - 60 
pege_no - 1 

iub_toUl — 0 

weigh l_to(»l - 0 
ihip_chg - 0 

tax - 0 
total -0 

curr_lnvoJce_no ” lnvitem-lnvolce_oo 
do while .not. eofO 
select invmaiter 
If invma*ter-print_fw - “Y" 

• _ 

• SKIP TO NEXT RECORD 

• _ 



Page 24 


June 1990 


Benchmarks 


MICROCOMPUTERS 


else 


•elect invitem 
•kip +1 


• PRINT THE INVOICE 

• _ 

select invitem 

let device to print AA Direct output to printer 

“ rowpos 55 x*. currjnvoicejio invitem-invoice_ao AA jf 

• CHECK FOR NEW INVOICE NUMBER 

• _ 

if cuxr_tavoice_no Invitem-invoicej» AA New invoice number 

©rowpos + 1,50 say *-• 

@ rowpos + 2,40 say “Subtotal: ■ 

@ rowpos + 2,50 say »ub_toal picture *$99999999.99" 

©rowpos+ 3,40 say “Shipping:* 

@ rowpos + 3,50 say weightJotal • »hip_chg 
@ rowpos + 4,40 say “Tax Total; * 

@ rowpos + 4,50 say subjotal • tax 

©rowpos + 5,50 say*—- 

© rowpos + 6,40 say "Total 

total - subtotal+(weight • *hip_chg)+(subjotal • tax) 

@ rowpos + 6,50 say total picture *$99999999.99" 
curT_invoice_no - invitem-invoice no 


endif 

enddo (while .not. eof()) 

• _ 


P«*e_no - page no + 1 

endif 


• PRINT NEW PAGE HEADING AND TOP PART OF INVOICE 

s_ 


rowpos -1 


AA Reset row counter 
AA Execute form feed 


eject 

do PRINTTOP 
rowpos -24 
sub_total - 0 
total -0 

shlp_chg - shipper-weight_chg 
tax - customer-tax rate 

endif 

@ rowpos + 1,3 say invitem-qty 
© rowpos + 1 ,9 *ay product-itcm_code 
© rowpos + 1,22 say product-ilem_desc 
@ rowpos + 138 »ay product-unil_price 
@ rowpos + 130 say product-unit_price 


AA React row counter 
AA Reset subtotal 
AA Reset grand total 
AA Get new shipping charge* 
AA Get new tax rate 


invitem-qty 


subtotal - subjotal + (product-unit_price • invitem-qty) 
•kip +1 


rowpos - rowpos + 1 


• PROCEDURE TO PRINT THE TOP PART OF THE INVOICE 

• ___ 

PROCEDURE print_top 

@ rowpos ,(80 - ta(trim(company-comp_name )))/2 say trim(company-comp_name) 

@ rowpos + 1,(80 - lcn(trim(co€npany-<omp_addrl )))/2 say lrim(company-<imp_addrl) 


Benchmarks 


June 1990 


Page 25 



MICROCOMPUTERS 


If lrim(<x>mpany-comp_addr2) ■ &A No .ecood .ddre- 

*ddr_line - trim(company<omp_dty)+", “+company-comp_iUte+ ■+tnm(company-comp_np) 

@ rowpoa + 2,(80-ten(»ddr_Unc)y2 uy addrUne 

@ rowpoa + 3,(80-tcn(trim(corn parry-comp_phooc))/2 uy lrim(coaipany-cocip_phooe) 

@ rowpoa + 2 ,( 80 -kn(company-cocnp_iddr 2 )y 2 uy trim(compiny-coop_iddr2) 

addr Udc ■ lrim(amp*ny-cocnp_dty)+", *+company-comp_iute+" "+trim(company-comp_rip) 

@ rowpoa + 3^8(Mca(addr_Unc)y2 uy addrjine 

© rowpoa + 4<80-to(lrim(cooipany-comp_pbooc)V2 uy trim(company<omp_phooe) 

cadif 

@ rowpoa + 6,55 tay “Invoice Number: “ 

@ rowpoa + 6,71 aay lnvmaiter-invoice_no picture “@B* 

©rowpoa + 8,55uy"InvoiceDate 
@ rowpoa + 8,71 aay invnniter-lnv_dite 
©rowpoa +10,55aay“PajeNumber 
© rowpoa +10,71 aay paje_no picture “@B" 

© rowpoa +12,10 aay cuatomer-bilI_name 
@ rowpoa +12,45 aay cuitomcr-ahip_name 
© rowpoa +13,10 lay cuitomer-biU_addrl 
© rowpoa +13,45 lay cuitomer-ihip_addrl 

If ulmfcuitomer-biU »ddr2) - « No .ecood addreu 

addrUne - trim(cuHotDer-biU_dty)+", “+cuitomer-bill_»tate+" ‘+trim(cuitoroer-biU_ap) 

© rowpoa +14 ^804cn(addr_lioe))/2 lay addrjine 

© rowpoa +15X80-len(trim(cuitomer bUI_phooe))/2 lay trim(cuitomer-biU_pbonc) 

cUc 

© rowpoa +14,(80-len(cu»lomer-biU_iddr2))/2 lay trim(cuitoa>er-biU_addr2) 

»ddr Unc - trim(cuWoroer-bilI_dty)+’, “+cuMomer-biU_iUte+" “+lrim(cuitomer-bai_zip) 

© rowpoa + 15 ,( 80 -len(addr_lioe)y 2 lay addr_line 

© rowpoa +16,(80-kn(trim(autoaicr-biU_pbooe)y2 lay lrim(cu»toa>er-biU_phooe) 

If trlm(cuatocDer-cuil_addr2) - « && No iccood addreaa 

addrjine - Uim(<^oG>er-ihip_dty)+*,*+cuilomer-ehip_itate+" *+trim(cuilocDcr-ihip_zip) 
© rowpoa +14 X80-kn(addr_Unc)y2 aay addrjine 

© rowpoa + 15^80-ka(trim(cuitotDcr-ahip_pbooe))/2 uy lrim(cuitocDcr-ahip_phooc) 

dae 

© rowpoa +14^80-Icn(cuai0€ner-ihip_addr2)y2 uy trim(cuiiocDer-ihip_addr2) 

addr_linc - lrim(cuiioc>cr-ihlp_dty)+*, *+a»tocDcr-ahip_itate+’ "+trim(cuuocDCT-*hip_zip) 

© rowpoa +15,(80-len(nddrJine))/2 uy addr_Une 

© rowpoa +16^804eo(trim(cuHomer-ihip_phooe))/2 uy lriro(cuitoiDer-ihip_pbooe) 

cadif 

© rowpoa + 18,0 uy "P.O. Number Terma SakaPenoo 
@ rowpoa + 19,2 uy Invmaiter-cuat _po_no 
© rowpoa + 19,20 uy cuitorocr-tcrma 
© rowpoa + 1938 uy invmaiter-ukiman 

© rowpoa + 20,0 uy *--- 

© rowpoa + 21, Ouy “Ship Date Shipper" 

© rowpoa + 22,2 uy lnvmaitcr-ahip_date 
© rowpoa + 22,14 uy ihipper-ahip_name 

@ rowpoa + 23,0 uy --" ' ' 

© rowpoa + 24,0 uy “ Qty Item Number Deacriptioo Unil price ^ price " 


Page 26 


June 1990 


Benchmarks 



MICROCOMPUTERS 



Program Analysis continued from page 23 
Database Relations 


Parent 

INVITEM 


INVMASTER 


Child 

INVMASTER 

PRODUCT 

CUSTOMER 

SHIPPER 

COMPANY 


Link 

INVOICE NO 
ITEM_CODE 

CUST CODE 
SHIP CODE 
COMP CODE 


fro “ the abo y e listing, a database can serve as both a “parent” 
“ d i d fPf Ddl “8 on the active database at the time. The significance of 

establishing relations is that all of the record pointers in the child databases 

de P cndin 2 on the^Unk esUblSh^^n^ 
Z^p^ m ^ mma,CS ,he “* ° f -"“"'P 1 ' SEEK 

Conclusion 

Database relations represent an extremely powerful tool to the database 
developer and when utilized with a good initial database design, they become 
indispensable as an efficient means to manipulate multiple databases.fi 

Safe Computing Thwarts 
_ Viruses 

By Susan Hay, Brown University. 

JJ* an * U! or&Mffy appeared in The OPEN WINDOW ( voi 2 no 6, May 
Brown University, Editor: Kirsten Robinson, KIRSTEN@BROWNVM. 
brown.edu). It was received from the Articles database of CCNEWS. the 

smlTrtFrmrnZ f om P uti »* Newsletter Editors, a BITNET-bascd 
service ofEDUCOM. The article was altered to reflect local procedures at UNT. 

IV^any campuses have had problems recently with hostile programs 
■V ~’ prea ? mg ^“ghout the computing community. These programs in- 
X a " d “ n destr °y tela, applications, and even hardware. 
Due to the steady growth of personal computer use, hostile programs have 
become a concern for all of us. Fortunately, there are a number of things you 
can do to help prevent damage to your system. 

What hostile programs do 

There are three major types of hostile programs currently in circulation: 

h ? rse ** a “ d '^ rms - Avirus inserts itself into other programs and! 

frnmrt”w It H^i, mSem ItSetf fau> even more P ro grams. In this way it spreads 

nrdkS C ° mputer to 5?“P uter - 11 ““y also erase files, crash systems, 
or display harassing messages. Viruses often stay dormant for a period of time 


oeiore doing their dirty work to en¬ 
sure their spread to other systems 
before being detected. A trojan 
horse, like its namesake, secretly ex¬ 
ecutes one function while appearing 
to accomplish some other task or 
pretending to be some other pro- 
For example, DAN- 
CERS.BAS shows animated dancers 
in color on your IBM PC screen and 
wcretly wipes out your hard disk’s 
file allocation table (FAT) at the 
same time. (DOS needs the FAT to 
access files.) Finally, a worm repli- 
tates itself over a network, consum¬ 
ing network and large-system 
resources. The ntemet worm which 
was in the news this past fall spread 
through a network to defense, com¬ 
mercial and educational computers 
across the country, bringing down 
whole systems in its wake. 

Different hostile programs are big¬ 
ger threats on different machines. In 
the DOS world, trojan horses are by 
far the most prevalent. The Macin¬ 
tosh, however, has been suffering 
lately from a host of highly con¬ 
tagious virus infections. Worms 
have been restricted to larger sys¬ 
tems so far and usually don’t affect 
the average microcomputer user. 

Common sense tips 

There are several things that 
microcomputer users can do to 
protect their systems from harm. 

• First, never use original, or 
master, diskettes; use backup 
copies. When you first unpack the 
disks, write-protea them. Then 
make backups and put the 
originals in a safe place. If there is 
ever any question about the in¬ 
tegrity of your applications, they 
can be compared to the masters 
and reinstalled if necessary. 

• Make backups on a regular basis. 
Two or three times a week is not 
too often. In addition, keep two 
versions of your backups: a recent 
copy and one a month old. That 


Benchmarks 


June 1990 


Page 27 




way if your most recent backup is compromised, you have an older version 
from which you can restore your data. 

► When using a shared machine, first turn the machine off, 

then turn it back on. This is called a cold boot (j® •Sve’^ufthe 

is restarted but the power is not turned off). Virus code ran intbe 
computer’s memory and transfer itself to the next disk that is iiueiied. Only 
by turning the machine off can you guarantee that nothing is lurking in 

memory. 

• Make sure you know where your software comes from. Do not use public 
domain software withoui ensuring that it is clean. Download software only 
from reputable bulletin boards that check all software before uploading it. 

A warning—viruses have made their way into commercial software. Do not 
assume that because the program was shrink- wrapped that it is virus-free. 
Unfortunately, there is no such thing as a tamper-resistant seal for 
software! 

• Write-protect all system and application diskettes before inserting them. 
This will prevent viruses and trojan horses from writing to these disks. Be 
careful; a hostile program can check to see if a disk is locked and then print 
a message saying “this disk needs to be repaired—please unlock it If you 
get a message like this, don’t unlock the diskette; try a different one. If you 
get the same message, suspect an infection. Some software must be on an 
unlocked disk to run and cannot be protected this way. Instead, lock 
individual files using the Lock option in the Get Info window on the Mac, 
or the ATTRIB.COM program on DOS systems. These software locks are 
ess dependable, however, as it is possible for a virus to bypass them. 

• Watch for unusual changes in icons, file sizes or date stamps, especially to 
the Stem files on the Mac and the COMMAND.COM, IBMDOS.COM, 
and IBMBIO.COM files on the PC Some viruses can be detected this way. 

Prevention, detection and eradication 

As fast as viruses are being discovered, programs called vaccines are being 
written to detect and protect against them. These vaccines try to anticipate 
various ways that a virus can infect your system, but none can guarantee to 
prevent infection. Even worse, virus authors can examine vaccine programs 
and write viruses to circumvent them. Because of this competition between 
viruses and vaccines, be sure to periodically update any vaccine for the most 
effective virus protection. Virus protection and eradication software for both 
Macintoshes and IBMs is available from the Help Desk or the Graphics Lab. 
If you think your diskette is infected or damaged, you can brihg it to the 

Computing Center and a microcomputer consultant will help you. If your hard 

disk is affected, make an appointment with a microcomputer consultant 
(565-2316) to bring your machine in to be checked. We will do our best to help 
you recover your files and/or eradicate infection. 

Be careful out there 1 

Hostile programs have become a serious concern for microcomputer users, 
but there is no need to panic. With a little care and caution, it is possible to 
greatly reduce the risk of damage by viruses or trojan horses.fi 


Nasty Mac Trojan 
Discovered In Canada 


Taken from an article in Turn-Around- 
Tlmem (VoL 19, *3, Spring 1990), the 

newsletter of the Computing Center at the 
University of California at Davis. 

\ deadly Macintosh trojan has 
XAbeen going around that 
destroys everything on your hard 
disk, renames the hard disk 
“Gotcha!," and then destroys any un¬ 
locked floppies in your disk drives. 
Currently, the best way to protect 
yourself is to immediately make 
backups of your hard disks and flop¬ 
py disks. There is no telling when and 
where this virus might hit, but if or 
when it does, it will be more than just 
annoying. 

The trojan was detected most recent¬ 
ly in Canada at the University of Al¬ 
berta. Two different strains have 
been identified. Both are dangerous. 

The first strain is embedded in a pro¬ 
gram called “Mosaic" (Type-Appl 
and Creator- ????). When launched, 
it immediately destroys the direc¬ 
tories of all available physically un¬ 
locked hard and floppy disks, includ¬ 
ing the one it resides on. The trojan 
also mounts and destroys any un¬ 
mounted but available SCSI hard 
disks. All disks are renamed 
“Gotcha!" 

The second strain has been detected 
in a public domain program called 
“FontFinder" (Type-APPL and 
Creator=BNBW). It has a trigger 
dateof February 10,1990. On or after 
the trigger date, the trojan is invoked 
and disks are attacked in the same 
manner as the first strain. 

After anattack by eitherversion, you 
usually can recover files off hard 
disks with one of the available com¬ 
mercial file utility programs, but 
often the data file names are lost 
If you have a copy of SAM Anti- 
Virus Utilities, use it. If not, get 
one.fi 


Page 28 


June 1990 


Benchmarks 



Protecting Your Computer Hardware 
_ & Peripherals From Theft _ 

Much of the information in this article was taken from an article by the same name 
written by Ivors Ballots (BITNET: ISBALKJTS@UCDAVIS), Computing Services, 
University of California, Davis. The text of Mr. Ballots article was received from 
the Articles database of CCNEWS, the Electronic Forum for Campus Computing 
Newsletter Editors, a BITNET-based service ofEDUCOM—ed. 


have electric engraving devices 
that you can borrow. 

• Alarm systems —Though costly, 
an alarm system connected to a 
police station can be an effective 
theft-deterrent. It can lead to the 
capture of the perpetrator, as well 
as recoveiy of the stolen equip¬ 
ment. 


M icrocomputers are a popular theft item. Just this past semester,the 
College of Music was hard hit by the theft of their S6.500 Macintosh II 
computer. In November of 1989, thieves hit both the Music Annex and the 
Marketing Department They stole an IBM PC from the Music Department 
and a Macintosh SE from the Marketing Department Off-campus, it is not 
uncommon to read about microcomputer thefts in the “Police Blotter” section 
of various newspapers, including the Denton Record Chronicle. This article 
attempts to incite interest in more effective means of securing campus com¬ 
puters against loss through theft It provides basic tips and tricks for managing 
computer security, describes those lockdown devices, and lists resources of 
information on theft protection and specifics on recommended anti-theft 
devices 

Managing Computer Security 

A first step to managing computer security on campus is an awareness of people 
who belong in your work area and those who do not Challenge any strangers. 
People posing as repairpersons often walk off with computers. Demand iden¬ 
tification and proper documents prior to allowing the removal of any hardware 
5&> m ° ffiCe ° r lab ' Re P ort an y suspicious people to Campus Police at 

Deterrents to computer theft both on and off campus include: key control, 
lockdown devices, regular security checks, alarm systems, and proper insurance 
coverage (to ameliorate loss when thefts do occur). 

• Key control — Locking the door to your office or an unattended lab when 
you leave is an important beginning to effective theft prevention. Dead bolt 
locks are highly recommended. Key control also means not distributing too 
many copies of a key, as well as accurately documenting that distribution. 

• Lock-down devices — A lockdown device should have no exposed cables. 
If the cable can be clipped with pliers or wire cutters or toppers and the 
computer can thus be removed, the device is not secure. Any locking device 
with exposed aluminum bolts is also unsecure. 

Lockdown devices for computer equipment comprise four types: 

1) steel wrap-around units that enclose the computer and are secured by 
locks, bolts, and/or adhesive pads or plates. 

2) one or more steel plates glued or bolted directly to the computer and a 
support such as a desk. 

3) glue-on patches secured by cable and padlock. 

4) various screw-on or glue-on extras (swivels, shelves, tilt adapters, cooling 
fans, etc.). 

• ID markings — Engraving the words “Property of ” your name and your 
social security number is highly recommended. Most police departments 


• Vendors—Some vendors of anti- 
theft devices are Versa Lock, Ina, 
Business Machine Security 
(BMS), and Anchor Pad Interna¬ 
tional FMJ Inc and T-Track Sys¬ 
tems also distribute anti-theft 
devices. Prices of the devices 
range from around 537 to over 
5250. Less expensive cable sys¬ 
tems are also available 

Check with your local computer 
store for more detailed informa¬ 
tion about anti-theft devices. If 
you are concerned about your 
equipment on campus, contact 
Microcomputer Support in the 
Computing Center (565-2316) or 
Micro Maintenance (565-2387). 
The personnel in those depart¬ 
ments will be able to advise you 
about specific steps to take to 
secure your equipment 

NOTE that many lockdown devices 
are used not only on computers, but 
microwaves, calculators, centri¬ 
fuges, scales, and other lab equip¬ 
ment 

References 


“College seeks stolen computer." The 
North Texas Daily, Vol 73, No. 104, 
April 18,1990. 

“Computer Theft" ucla Microcomputing 
(UCLA), Vol 4, No. 6, November- 
December 1988. p. 12. 

“Is Your Computer Secure?" Systems 
(UC Riverside), VoL 8, No. 1, Oc¬ 
tober 1988. p. 1. 

“Physical Security of Microcomputers." 
UofSER News (University of Sas¬ 
katchewan) Vol 18, No. 9, September 
1987. p. 27.5 


Benchmarks 


June 1990 


Page 29 



VAX Upgrades 


By Billy Barron, VAX System Manager (ettnet. bju.y#ukivax) 


T he VAX operations staff, as is 
their custom, installed many 
software upgrades including a few 
with new and exciting features. They 
are as follows. 

• WIN/TCP — WIN/TCP version 
5.1 was installed. This new version 
includes many new features. 

First FTP is 20% faster. Now if 
you anonymous FTP into 
VAXB.ACS.UNT.EDU, you will 
notice that it supports CD and 
there are more files available. 
These files include many 
megabytes of public domain and 
shareware microcomputer 
programs. 

The Unix TALK utility is now 
available on VMS. TALK is 
similar to VMS PHONE, the 
major difference being that 
PHONE supports DECnet net¬ 
works and TALK supports 
TCP/IP networks such as the In¬ 
ternet To use TALK, just type 
TALK userid@nodename from 
the $ prompt For example, use 
the command TALK 
JESUS@EMXUTEXAS.EDU to 
talk to Jesus at the node 
EMX.UTEXAS.EDU. For more 
information on TALK, type 
HELP TALK from the S prompt 
Version 5.1 has a menu driven 
interface to the TCP software and 
an Online Tutorial. Both can be 
accessed by typing RUN 
TWG$TCP:[NETDIST.TUTOR 
IALJWINMENU from the $ 
prompt 

Finally, this version supports 
several new system management 
functions and remote printing 
over TCP/IP. Though we cur¬ 
rently don’t use this printing func¬ 


tion, we will use it in the future to 
share printers between VMS and 
Unix ^sterns. 

• VAX Pascal — VAX Pascal 4.0 is 
a major upgrade of VAX Pascal. 
Version 4.0 incorporates many of 
the features of the new extended 
Pascal standard, which is current¬ 
ly in draft form, including: 

• Schema Types —The schema 
data type is a fairly new 
development in the Pascal lan¬ 
guage. The major advantage is 
being able to generate array 
lengths at run-time instead of 
compile time. For example, 

TYPE 

Unit numben(Len: IKTEGEiO - 

ARRAY [1-Lea] OF INTEGER; 

VAR 

Machine*: Unit_numben(10); 

Device* : Unit_numbcn(A); 

The above line that defines the 
variable “Machines" is equivalent 
to the following old VAR state¬ 
ment* 

VAR 

Machines: ARRAY[1-10] OF 

INTEGER; 

The line that defines the variable 
“Devices" was impossible to 
duplicate under the old version of 
VAX Pascal. “Devices" will be an 
array of integers with A elements 
in the array. The key though is 
that A is a variable which allows 
the program to decide how big the 
array should be at run-time. 
String schemas are also available. 
VAX Pascal now has a predefined 
schema known as STRING, 
which behaves like the type 


VARYING OF CHAR. Forex- 
ample, 

VAR S: STRING(A); 

will create a VARYING OF 
CHAR variable with length A 
The above examples only cover 
the simplest uses of the Schema 
data type. 

• Short Circuit Logic — For a 
long time, the biggest criticism 
of VAX Pascal has been that it 
doesn’t support short circuit 
logic correctly. Due to a bug 
and backwards compatibility 
reasons, VAX Pascal pre¬ 
viously did not support short 
circuit logic. VAX Pascal 4.0 
introduces two new operators 
called AND_THEN and 
OR_ELSE that guarantee left- 
to-rfght evaluation with short 
circuit logic. In most cases, it 
is advisable to use 

AND THEN instead of AND 
and OR_ELSE instead of OR. 

• Initial State Specifiers — Ini¬ 
tial state specifiers allow a vari¬ 
able or data type to have an ini¬ 
tial value. The initial value 
must be a constant though. 

For example: 

TYPE 

Initially Zero-INTEGER 
VALUE 0; 

VAR 

I: Inilially_Zero; 

Valid: BOOLEAN VALUE 
FALSE; 

Pi: REAL VALUE 3.14; 

In these examples, “I” has an ini¬ 
tial value of 0, valid is initially 
false, and Pi is initially 3.14. 

• Enhanced Constructors —A 
constructor is a list of values 
used to assign values to struc¬ 
tured objects, such as arrays, 
records, and sets. Construc¬ 
tors existed in previous ver- 


Page 


June 1990 


Benchmarks 




VAX COMPUTER CLUSTER 



sions of VAX Pascal, but with 
version 4.0 their functionality 
has greatly increased. 

First of all, constructors now 
allow indices and fields to be ex¬ 
plicitly specified. For example: 

TYPE 

A — ARRAY 11-10] OF 
INTEGER; 

R - RECORD 
FI: INTEGER; 

F2: REAL; 

END; 

CONST 

CA-All-3:42; 6-10.841; 

CB - R|F1: 42; F2:3.14]; 

In this example, elements 1 
through 5 of CA have the value of 
42. Elements 6 through 10 have 
the value of 84. Field FI of record 
R has the value 42 and field F2 has 
the value of 3.14. 

CONST 

CC-AJ1A5,7,*42; 
OTHERWISE 0]; 

Elements 1,3,5,7, and 9 have the 
value of 42. The other elements 
of CC (2,4,6,8,10) have the value 
of a 


Also, constructors can be used in 
assignment statements. For ex¬ 
ample: 

VAR 
VA: A; 

FUNCTION Random: INTEGER; 

EXTERNAL; 

VAR EXTERNAL VAR: 
{EXTERNAL] Integer, 

BEGIN 

VA:- A(1 A3,7,9: Random; 
OTHERWISE External w]; 

END 

In this example, the odd elements 
get the value of function Random. 
The even element get assigned the 
value of the variable Exter¬ 
nal var. 


• UPPER and LOWER Func¬ 
tions — The LOWER and 
UPPER functions have been 
extended to handle the upper 
and lower bounds of ordinal 
types, set base types, and array 
index types. For multidimen¬ 
sional arrays, a second 
parameter can be specified to 
indicate the dimension. For ex¬ 
ample: 

TYPE 

AT-ARRAY[1-10] OF 
INTEGER; 

BEGIN 

WRITELN(LOWER/AT), 

UPPER(AT)); 

END 

would print 1 and 10 to the screen. 

• FOR IN Statement — The 
FOR IN statement allow the 
selection of each item from a 
set expression. For example, 

FOR I IN [1A5.6] DO 
Writeln(I); 

would print the numbers 1, 3, 5, 
and 6 on the screen. 

• Non-decimal Integer Con¬ 
stants — A new notation is 
now included to specify integer 
constants in any base from 2 to 
36. The syntax is: 

base#extended-number 

Some examples: 

2#1001001 
8#3777 
16# FEED 

• Array-indexing and Field 
Selecting FUNCTION 
results— Functions returning 
structured types, such as arrays 
or records, can now be indexed 
or selected directly instead of 
requiring the use of a tem¬ 
porary variable. For example: 


TYPE 

Array_Type - ARRAY [1_5] OF 
INTEGER; 

Record Type - RECORD FI: 
REAL END; 

FUNCTION Amy Fn: Amy Type: 

EXTERNAL; " 

FUNCTION Record Fn: 
Recordjiypc; EXTERNAL; 

BEGIN 

WRITELN(Amy Fn[3], 

Record Fn.Fl>; - 

END 

In the past, you would have had 
the following code segment to 
achieve the same results: 

VAR 

A: Amyjfype; 

R: Recordjiype; 

BEGIN 

A:— Amy_Fn; 

R:- Record Fn; 

WRITELN (AI3J.R.F1); 


Many other new VAX Pascal fea¬ 
tures exist. For a full description 
of the new features, see the Ole 
SYSSHELP:PASCAL040.REL 
EASE_NOTES on the VAX. 

• Netware VMS — Netware VMS 
has been upgraded to version Z1 
from 2.0A. TTiis will lend to great¬ 
ly increased connectivity with the 
rest of the Novell Internet on the 
UNT campus. The SHELL.CFG 
files that were needed for com¬ 
patibility with the old version of 
Netware VMS are no longer 
needed. 

One side effect of the Netware 
upgrade is that the VAX and Net¬ 
ware VMS passwords will be inde¬ 
pendent from now on (i.e. if you 
change your VAX/VMS 
password, your Netware VMS 
password does not change). Un¬ 
fortunately, the Netware upgrade 
procedure did not carry forward 
existing passwords to the new ver¬ 
sion of Netware. Therefore, all 
Netware VMS passwords have 
been reset to the original 
password of the account (Le. the 


Benchmarks 


June 1990 


Page 31 



VAX COMPUTER CLUSTER 



password on the slip of paper you 
got when your account was as¬ 
signed). If you don’t what that 
password is and need it, come by 
the Computing Center and have it 
looked up or changed. 

Version 2.1 supports CAPTURE. 
Hopefully in the future, CAP¬ 
TURE will allow some printer 
sharing between PCs and the 
VAX. In addition, the new ver¬ 
sion supports all the features of 
Netware 2.13. 


• Other upgrades — The other 
upgrades recently installed are 
Ada 2.1, BASIC 3.4, VAX C 3.1, 
COBOL 4.3, FORTRAN 5.4, 
Lisp 5.1, Minitab 7.2, and VMS 
53-1. These upgrades mostly con¬ 
sisted of bug fixes instead of new 
features.fi 


BEST OF 
THE BBS 



Edited by Mark Thacker, 
VAXProgrammer/ 
Operator (Brnom 
MARK«UWIVAX) _ 


1/1 #elcome to the Bast of the BBS 
W V column. This column high¬ 
lights some of the more Interesting and 
useful discussions on the UNT BBS. 
For those of you not familiar with the 
BBS, here Is how to log Into the UNT 
BBS. 


• Sign-on by typing CALL DEC at the LAN 
prompt and then entering BBS as your 
Username at the VAX prompt 

• If you are already logged-on to the 
VAXcluster, type BBS at the $ prompt 


VAXCLUSTER USAGE STATISTICS 


April Top Ton Program*: CPU Time Used 


Program 

Description 

CPU Tune 

Percent of Total 

1. U*er program* 

CcopW frofrm 

41 23:33:2638 

83.9 

2 NEWS 

ANU Kw 

1103737.92 

2.9 

1 LISP 

Lkfi Inurpraur 

101:12:31.73 

21 

4. EDT 

M.nf 

014:10:5631 

\J2 

5. PASCAL 

PaacaJ Cowyflrr 

010:573935 

0.9 

6. BACKUP 

DakBKtaqa 

0 10:47:48.79 

0.9 

7 NNTP TCP WIN 

N«*Tno»f*r Uiiiqr 

006:35:05.27 

0.7 

8. MAIL - 

VMS Mai 

007:0238.75 

0.6 

9. LOGINOUT 

VKtlopo 

006:4217.96 

0.6 

10. BBS 

Butctin Board 

006:27:07.96 

03 

Tout 


50 01:17:24.49 



April Top Ten Programs: Frequency of Runs 


Program 

Description 

Number of Runs 

Percent of Total 

1. LOGINOUT 

UMTbffa 

68440 

17.1 

2 SET 

VMS UtSqr 

55232 

13.8 

2 U*er program! 

Cmfiei fmpiot 

31640 

7.9 

4. DIRECTORY 

VMSUrfcjr 

30099 

73 

5. DELETE 

VMSUtCqr 

29991 

73 

6 . EDT 

B*er 

22336 

53 

7. SYS LOG IN 

Vttrlopa 

15778 

3.9 

8 . SEND 

Bdrat Ut#ry 

14170 

33 

9. TYPE 

VMSUtSty 

13492 

14 

10. PASCAL 

PMalCoapfcr 

11968 

3.0 

Total 


401001 



The opinions expressed In tNs column 
do not necessarily reflect the views of 
Academic Computing Services or the 
Computing Center. Also, Information In 
Best of the BBS has not been checked 
tor accuracy. 


PC Pursuit Access In Denton | 

#40417 5-APR-199012:1330.09 
Subject: PC Pursuit 
Is there a way to connect to PC Pur¬ 
suits dial ups from Denton? Without 
it being long distance? If so, does 
anyone have the number? 


#40425 Reply to #40417 5-APR- 
19901539:28.12 
Subject: RE: PC Pursuit 
Hi. Good question. No, there is not 
There is another service however, 
which has the no charge local num¬ 
ber, and which serves the same func¬ 
tion as PCP. It’s called Starlink. 
Talk to Chuck Reed on Visitor’s; 
there is information there about it. 


Two Line Headers In 
WordPerfect 5.0 

#40459 6-APR-199011:26:28.04 
Subject: HEEEEEELP! 


Page 32 


June 1990 


Benchmarks 








VAX COMPUTER CLUSTER 



I have Wordperfect 5.0. I am writing 
a paper and my prof INSISTS that we 
have not only page numbers in the 
right top corner, but ALSO a short 
title on the line below the number! I 
can get WP 5.0 to give me either one, 
or both on the SAME line, but not 
as: 

1 

SHT TITLE 

as I need it Anybody have any ideas? 


#40461 Reply to #40459 6-APR- 
1990 11:57:26.66 

Subject: RE: HEEEEEELP! 

Assuming that you are familiar with 
the WP program itself: 

Under the format menu (shift-f8), 
then Page menu, there is a header 
option. Defining a header will allow 
you to do what the professor is asking 


Select header, define header a, then 
edit. Here’s where it gets interesting. 
Put a B (that’s control-b to you and 
me) wherever you want a page code, 
then add whatever text you want. 
This text does •not* have to be on 
the same line as the page number! 8) 
When finished editing, press F7 and 
the return to the documenLg 



COMPUTING TECHNICAL 
SERVICES 



Isolation, Redundancy, Key 
to Mainframe Security 

By Claudia Lynch, Benchmarks Editor (bxtnet: asw^untvmi) 


I ne University of North Texas 
maintains two separate IBM- 
compatible HDS-8083 computers 
for administrative and academic 
mainframe computing. These 
machines are electronically distinct, 
allowing academicians access to a 
variety of national and international 
wide area networks, while ensuring 
the integrity of administrative 
programs and data. 

These computers are housed in a 
physically secure location, accessible 
by a combination lock. The combina¬ 
tion is changed at regular intervals, 
and there are operations personnel 
on duty twenty-four hours a day. 

The area that houses the computers 
is equipped with a halon fire 
smothering system and all equip¬ 
ment is connected to an uninterup- 


table power supply, housed else¬ 
where in the building. 

Protection from unauthorized per¬ 
sons tampering with programs and 
data or gaining physical access to the 
computers are very real concerns. 
The ability to maintain operations 
during adverse conditions is also an 
important aspect of security plan¬ 
ning. The Computing Center has a 
veiy detailed Disaster Recovery Plan 
that specifies exact procedures to be 
followed in the event of natural or 
man-made disasters. These proce¬ 
dures go into effect when something 
happens to affect computing to such 
a degree that operations would have 
to be discontinued for more than 21 
days. 

An important aspect of the Disaster 
Recovery Plan involves off-site 
storage of data. All academic and 
administrative disk volumes are 


backed-up to tapes at regular inter¬ 
vals (see “Disk Backup Schedules" at 
the end of this issue for some ex¬ 
amples). The backup tapes are 
cycled so that they are housed in a 
fire-resistant vault on campus, then 
to an off-site storage facility in the 
metroplex, then back to a fire-resis¬ 
tant vault on campus. Each cycle 
takes a week. At the end of the third 
week, the tapes are put back into the 
UNT tape library. Such a system 
provides redundancies in backups in 
case there is a disaster of such a mag¬ 
nitude that more than one set of 
backup tapes is needed to restore 
operating systems and data to the 
point closest to they way they were 
before the disaster occurred. 

Obviously, a great deal of time, effort 
and expense has gone into ensuring 
that both the academic and ad¬ 
ministrative mainframes will remain 
operational, even under adverse cir¬ 
cumstances. This may not seem that 
important, at first, but consider the 
alternatives. If there is a system 
failure, is it acceptible to have to wait 
days or weeks for your paycheck or 
your grades or the results of the data 
analysis for your dissertation? 
Probably noLj 


Benchmarks 


June 1990 


Page 33 



COMPUTING TECHNICAL 
SERVICES 



Mainframe Performance Statistics 



Operating Systems Performance Statistic* for April 



Planned 

Product ion 




Production 

Hours 

System 

CPU 

SYSTEM 

Hours 

Achieved 

Uptime 

ACAD 

VM/SP5 

720.00 

705.40 

98.0% 

ACAD 

MUSIC/SP 

68230 

665.46 

97-5% 

ACAD 

MVS/JES2 

720.00 

695.95 

96.7% 

ACAD 

COMPLETA 

707.67 

68230 

963% 

ADMN 

MVS/JES2 

719.65 

717.70 

99.7% 

ADMN 

COMPLETA 

267.00 

266.08 

99.7% 

ADMN 

ADABASA 

68930 

682.17 

98.9% 


• Th* ACAD CPU achieved 100% uptime In April. 

• Th* HDS/7360 DASD achieved 100% uptime In April. 

• Th* HDS/7380 DASD achieved 100% uptime In April. 

• Th* ADMN CPU achieved 100% uptime In April. 

• Th* HDS/7360 DASD achieved 100% uptim* In April. 

• Th* HDS/7360 DASD achieved 100% uptime In April 

• The EMC Solid State Disk achieved 100% uptim* In April.* 


Key Causes Of Lost Productivity In April: ADMN CPU 


Miscellaneous 

1. DASD file maintenance on ADABAS. 

2. Operator mistakes In system restart*. 

3. Keeping COMPLETA down to run FISCAL Job*. 

4. Systems software development 

5. MPU clocks set to daylight saving time. 

6. ADABASA system failure. 


2.06 HOURS 
1.53 
0.92 
0.80 
0.78 
0.28 

6.37 HOURS 


Key Causes Of Lost 
Productivity In April: 
ACAD CPU 


CPU, Tape, and Disk Subsystems (HDS) 

1. Research and analysis 
of Incompatibility 
problem with MVS/SP 
running under VM/SP5 
In duaPprocesalng 

mode on the 6083. 8.15 HOURS. 

2. Research and analysis 

of abortive attempts to 
load an alternate VM/CMS 
nucleus for evaluating 
performance of the EMC 
SSD disk unit 3.57 

3. Cable In th* EMC SSD 
disk unit for evaluating 
performance of thla 

device on the 8083. 3.25 

TOTAL 14.87 HOURS 


Miscellaneous 


1. Abortive attempts to load 
an alternate VM/CMS 
nucleus for evaluating 
performance of th# 

EMC SSD disk unit 5.43 HOURS 

2. System* software 

development 5.07 

3. Step missed In MUSIC 

backup procedure 1.18 

TOTAL 11.68 HOURS 

GRAND TOTAL 26.55 HOURS 


Page 34 


June 1990 


Benchmarks 











COMPUTING TECHNICAL 



SERVICES 



AprIITop Ten Program* : Frequency Of Runs 


Program 

Description 

#of 

%of 



Rum 

Total 

1. PGM-'-DD 

Compiled Program 

11368 

15.5 

Z EWL 

linkage Editor 

10615 

145 

3. IEBGENER 

IBM Utility 

8505 

115 

4. ADARUN 

ADABAS Utility Module 

6542 

8.9 

5. SASLPA 

SAS 

4900 

6.7 

6 . IGYCRCTL 

VS COBOU Compiler 

4251 

55 

7. SPCHLCOB 

COBOLZ Report Writer 

3489 

4 5 

8 . IKFCBL00 

VS COBOL Compiler 

3215 

4.4 

9. SPSSX 

SPSS-X 

3051 

42 

10. IEV90 

Assembler H 

2662 

3.6 


April Top Ten Program*: CPU Second* Used 

Program 

Deacription 

CPU 

%0f 



Second* 

Total 

1. COMPLET4 

Academic COM-PLETE 

132631 

355 

Z SASLPA 

SAS 

59854 

15.9 

3. PGM-*DD 

Compiled Program 

55700 

145 

4. ADARUN 

ADABAS Utility Module 

36381 

9.7 

5. SPSSX 

SPSS-X 

19875 

55 

6 . SPCHLCOB 

COBOL2 Report Writer 

18050 

45 

7. IGYCRCTL 

VS COBOL2 Compiler 

8513 

25 

8 . EWL 

Linkage Editor 

5763 

15 

9. SSS4001 

Operationi Automation 

4749 

15 

10. IKFCBL00 

VS COBOL Compiler 

4115 

1.1 


The programs listed in this section were used the most frequently on the HDS ACADemic CPU during April, 1990. 
Please Note that ACAD is the official designation of the HDS/8083 CPU that is dedicated to faculty and student use. 

The HDS/8083 CPU reserved for University administrative purposes is termed ADMN.8 


Just for Fun: Literary 
Criticism Meets COBOL 

By Jonathan R. Partington (-Received from the rec.hurooriunny 

Newsgroup 


>\ team of American scholars have performed a detailed computer analysis 
XJLand they confirm that the language COBOL was invented by William 
Shakespeare (and not by Bacon, Elizabeth I, Walter Raleigh, Marlowe, Ben 
Johnson, or Don Knuth.) Taking a large sample of known COBOL programs, 
and works by the above authors, they performed a detailed analysis and confirm 
that COBOL matched the Shakespearean style almost perfectly. It also enabled 
them to identify various other works as COBOL programs which were pre¬ 
viously thought to be poetry. For example the following is now known to be a 
genuine COBOL program. 

“Let us ADD our INCOME to our CAPITAL, as the squirrel adds to its autumn 
horde. Aye, there’s the SUM that makes a TOTAL EEALTH. 3000 DUCATS? 
Is this an EXPENDITURE I see before me? WEALTH. 3000 DUCATS? Is 
this an EXPENDITURE I see before me? Marry ’tis best ’twere TAKEN 
AWAY, like as the magpie taketh away the jewel of great price. But hist! Here 


cometh the INTEREST, and ’tis of 
no mean interest, i’ faith! I had lief 
ADD a percentage of this, than clasp 
my fair Rosalind’s spleen." 

Scholars have occasionally 
suspected that COBOL programs 
are supposed to have a ’hidden 
agenda’, rather than being straight 
works of art in themselves. One 
bizarre theory is that they may con¬ 
tain numerical calculations em¬ 
bedded in them — indeed some 
scholars claimed that a Baconian 
cipher was involved. This seems im¬ 
plausible however. 

Analysis of FORTRAN programs is 
next on the list — can ’Into the Val¬ 
ley of Death GOTO 600’ really be by 
Alfred Lord Tennyson, or is just a 
pastiche of his style? Nobody knows 
for sure. 

On the other hand, scholars are fairly 
sure than the C language was devised 
by James Joyce — mainly because, 
like Joyce, most of it is totally un¬ 
readable. 5 


Benchmarks 


June 1990 


Page 35 





COMPUTING TECHNICAL 
SERVICES 



Disk Backup Schedules 

SYSTEM 

BACKUP 

DESCRIPTION 

Administrative MVS/SP 

Daily 

Monday - Friday around 7 p.m. (after COM PLETE is shut down) A on 

Saturday & Sunday if COM PLETE has been up that day. 


Weekly 

Full pack dump* taken each Suncay morning. 


Monthly 

Full pack dumps taken on the first day of each month. 

Academic MVS/SP 

Daily 

Monday - Sunday during the early hours of the rooming. 


Weekly 

Full pack dumps taken each Sunday. 


Monthly 

Full volume dumps taken on the first day of each month. 

MUSIC/SP 

Daily 

Wednesday - Monday starting at 4 a.m. and lasting about 30 minutes. 


Weekly 

Tuesday roomings at 3 a.m., these last about 2 hours. 


Semester 

Once a semester, a permanent backup Is taken. 

VM/SP 

VM Weekly 

Early every Wednesday rooming. 


CMS mini-disks 

Daily backup performed early every rooming. Weekly backup every Wednesday starting 
at3ajn- 

VAXduster 

Daily 

Incremental backups are peprfonned Monday - Thursday at 6 p.m. 


Weekly 

Full backups are performed every Friday beginning at 8 a.m. and generally last all day. 


Monthly 

A “stand alooe" backup is performed monthly. Dates and tiroes are given in 
the system log-on message. 


Semester 

Once a semester, a permanent backup ia taken. 

A fun description of the system backup procedures 

can be found by typing HELP BACKUP on MUSIC/SP or tbeVAXduster. 


• 

University 

Richard A. Harris, Associate Vice President for Computing 

of North 

Steve Minnis, Director of Computing Technical Services 

Texas 

Dave Molta, Director of Academic Computing 

Computing 

Center 

Coy Hoggard, Director of Administrative Computing 

Claudia Lynch, Benchmarks Editor 

... 

.. . r .-x * i' 

Philip Baczewsld, Benchmarks Associate Editor 


Page 36 


June 1990 


Benchmarks 











Computing Center Short Course Registration Form 


Please complete this form and return it AS SOON AS POSSIBLE If you wish to attend any of the short cour¬ 
ses listed below. You may also register over the phone by calling (817) 565-2324. FACULTY AND STU¬ 
DENTS HAVE FIRST PRIORITY TO REGISTER FOR THESE CLASSES. STAFF MEMBERS ** MUST ** 
REGISTER THROUGH THE PERSONNEL OFFICE. 


NAME: 


DEPT: 


PHONE: 


SUPERVISOR SIGNATURE 


I wish to attend: 


.FACULTY_STAFF_STUDENT_ 

.UNDERGRADUATE_GRADUATE_ 

.MAILING ADDRESS: 


• Introduction to JCL (ISB 123): 

_Monday, June 11:3-5 p.m. 

• Introduction to SPSS-X (ISB 123): 

_Friday, June 15: 8:30-10:30 am. 

• Introduction to VAX/VMS (ISB 110): 

_Friday, June 8: 8:30-10:30 am. 

• Introduction to the Internet & THENET (ISB 123): 

_Friday, June 22:10 am.-Noon 

• Introduction to Microsoft Word (ISB 6): 

_Friday June 22:10 am.-12:30 p.m. 

• Introduction to Procomm Plus (ISB 123): 

_Friday, June 22: 9-10 am. 

• Introduction to Microcomputer Libs (ISB 110): 

_Monday, June 11: 3:30-5:30 p.m. 

_Wednesday, July 11:3:30-5:30 p.m. 


• Introduction to SAS (ISB 123): 

_Friday, June 8: 10:30 am.-12:30 p.m. 

• Introduction to CMS (ISB 123): 

_Friday, June 8: 8:30-10:30 am. 

• Introduction to BITNET (ISB 123): 

_Friday, June 15: 10:30 am.-12:30 p.m. 


• Introduction to WP 5.1 (ISB 110): 

_Friday, June 29: 9 am.-Noon 

• Introduction to SAS PC (ISB 110): 

_Friday, June 8:10:30 am.-12:30 p.m. 

• Introduction to SPSS PC+ (ISB 110): 
_Friday, June 15: 10 am.-Noon 


I would like to see more classes offered: _on weekends; _at night 


The classes I am Interested In are: 




Academic Computing Services 
The Computing Center 
NT Box 13495 
University of North Texas 
Denton, TX 76203 
FAX 817-565-4060 


Get a Subscription to Benchmarks 

Benchmarks is a vital link between the UNT Computing Center and the users of our 
facilities. It is important for all users of the computing facilities to maintain a file of 
these newsletters because they contain materials which will periodically update 
existing documents as well as information and suggestions on uses of OS/MVS, 
MUSIC/SP, the VAXcluster, Microcomputers, and other resources available to 
UNT students and faculty. To facilitate the dispersal of Benchmarks, FREE *** 
subscriptions are available. To receive yours, send the following information to us 
either by snail mail (the post office or campus mail), FAX (817) 565-4060, or through 
electronic mail, to the UserlD AS04 on MUSIC, VMS, or CMS. 


Name:_ 

Mailing Address: 


PLEASE GIVE A CAMPUS ADDRESS (NOT BOX) IF POSSIBLE! - It’s 
Cheaper!! 


Renewal Change of Address Cancel Subscription 


Academic Computing Services 
The Computing Center 
# NT Box 13495 
University of North Texas 
Denton, TX 76203 


FAX 817-565-4060 


